CVE-2022-36965
Stored and DOM XSS in QoE Applications: Orion Platform
Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected products
SolarWinds · Orion PlatformWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm#:~:text=Release%20date%3A%20May%2024%2C%202022%20These%20release%20notes%2Cissues.%20New%20features%20and%20improvements%20in%20SolarWinds%20Platformhttps://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965