Description
In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting.
References
Release NotesVendor Advisory
https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38110
Release NotesVendor Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2023-01-20T18:15:10.190
2 years agoLast modified
2023-08-03T18:15:10.607
1 year ago