SolarWinds Platform Incorrect Input Neutralization Vulnerability
(CVE-2023-33229)
Summary
The SolarWinds Platform was found to be susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject passive HTML.
Affected Products
- SolarWinds Platform 2023.2.1 and prior versions
Fixed Software Release
Acknowledgments
- Juampa Rodriguez (@UnD3sc0n0c1d0)
Advisory Details
Severity
3.1 Low
Advisory ID
First Published
07/18/2023
Last Published
07/18/2023