SolarWinds Observability Self-Hosted Stored Cross-Site Scripting Vulnerability (CVE-2026-28297)
Summary
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
Affected Products
SolarWinds Observability Self-Hosted 2026.1 and below
Fixed Software Release
SolarWinds Observability Self-Hosted 2026.1.1
Acknowledgments
Steven Karschnia - Armadin
Advisory Details
Severity
Medium
Advisory ID
First Published
3/26/2026
Last Updated
3/26/2026
Fixed Version