Stored HTML Injection in SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) via Web Console Settings

Stored HTML Injection in SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) via Web Console Settings

CVE-2019-12863 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen.

Learn more about our Web App Pen Testing.