Lucene search

PRIOn knowledge basePRION:CVE-2023-33229

HistoryJul 26, 2023 - 3:15 p.m.

Input validation

2023-07-2615:15:00

PRIOn knowledge base

www.prio-n.com

solarwinds

vulnerability

input neutralization

url parameters

remote adversary

html

nvd

4.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.0%

JSON

The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject passive HTML.

CPENameOperatorVersion
solarwinds_platformlt2023.3.0

CPE	Name	Operator	Version
	solarwinds_platform	lt	2023.3.0

References

documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3_release_notes.htm

www.solarwinds.com/trust-center/security-advisories/cve-2023-33229