SolarWinds Platform Stored XSS Vulnerability
(CVE-2024-29004)
Summary
The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. High-privileged user credentials are needed, and user interaction is required to exploit this vulnerability.
Affected Products
- SolarWinds Platform 2024.1 SR 1 and previous versions
Fixed Software Release
Acknowledgments
- Jakub Brzozowski, Kamil Falkiewicz, Szymon Jacek with STM Cyber
Advisory Details
Severity
7.1 High
Advisory ID
First Published
06/04/2024
Last Updated
06/04/2024