4 matches found
CVE-2019-16955
SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request...
CVE-2019-16955
SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request...
CVE-2019-16955
SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request...
CVE-2019-16955
CVE-2019-16955 affects SolarWinds Web Help Desk 12.7.0 and is a cross-site scripting (XSS) vulnerability triggered by an uploaded SVG document in a request. The root cause is improper handling of SVG uploads leading to script injection. Public documents (NVD, Red Hat, CNVD) confirm the issue; no ...