SolarWinds Observability Self-Hosted Stored Cross-Site Scripting Vulnerability (CVE-2026-28298)
SolarWinds Observability Self-Hosted Stored Cross-Site Scripting Vulnerability (CVE-2026-28298)
Summary
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
Affected Products
SolarWinds Observability Self-Hosted 2026.1 and below
Fixed Software Release
SolarWinds Observability Self-Hosted 2026.1.1
Acknowledgments
James Donlon-Armadin
Advisory Detail
Severity
Medium
Advisory ID
First Published
3/26/2026
Last Updated
3/26/2026
Fixed Version
CVSS Score