SolarWinds Platform Edit Function Cross-Site Scripting Vulnerability

(CVE-2024-45715)

Summary

The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements.

Affected Products

SolarWinds Platform 2024.2.1 and previous versions

Fixed Software Release

SolarWinds Platform 2024.4

Acknowledgments

Maksym Vatsyk from Visa Cybersecurity Team

Advisory Details

Severity

7.1 High

Advisory ID

First Published

10/17/2024

Fixed Version

SolarWinds Platform 2024.4

CVSS Score

CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L