2 matches found
CVE-2021-35228
CVE-2021-35228 affects SolarWinds SolarWinds Database Performance Analyzer (DPA) in version 2021.3.7388, due to missing input sanitization of a header-extracted output field, enabling a reflected XSS if an attacker can perform a MITM to modify a header. The vulnerability is described as a reflect...
CVE-2021-35228 Reflected cross site scripting affecting SolarWinds: DPA 2021.3.7388
This vulnerability occurred due to missing input sanitization for one of the output fields that is extracted from headers on specific section of page causing a reflective cross site scripting attack. An attacker would need to perform a Man in the Middle attack in order to change header for a remo...