2 matches found
SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting
SolarWinds Database Performance Analyzer 11.1.457 contains a reflected cross-site scripting vulnerability in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI. id: CVE-2018-19386 info: nam...
CVE-2018-19386
SolarWinds Database Performance Analyzer 11.1.457 contains a reflected XSS in idcStateError where the page parameter is reflected into the HREF of the “Try Again” button at /iwc/idcStateError.iwc?page=. Exploitation would execute script in the victim’s browser, potentially enabling session hijack...