SolarWinds Platform Reflected Cross-Site Scripting Vulnerability

(CVE-2024-52612)

Summary

SolarWinds Platform is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters. This vulnerability requires authentication by a high- privileged account to be exploitable.

Affected Products

SolarWinds Platform 2024.2.1 and older versions

Fixed Software Release

SolarWinds Platform 2025.1

Acknowledgments

Anonymous

Advisory Detail

Severity

6.8 High

Advisory ID

CVE-2024-52612

First Published

02/11/2025

Fixed Version

SolarWinds Platform 2025.1

CVSS Score

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H