SolarWinds Platform Cross Site Scripting Vulnerability 

(CVE-2024-29003)

Summary

The SolarWinds Platform was susceptible to an XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction.

Affected Products

  • SolarWinds Platform 2024.1 and prior versions

Fixed Software Release

Acknowledgments

  • Jean-Michel Huguet & Arnoldas Radisauskas working with NATO

Advisory Details

Severity

7.5 High

Advisory ID

First Published

04/18/2024

Last Updated

04/18/2024