cbcvebase.
CVE-2022-36965
published 2022-09-30

CVE-2022-36965: Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in…

PriorityP425medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.56%
42.6th percentile
Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).

Affected

2 ranges
VendorProductVersion rangeFixed in
solarwindsorion_platform>= 2020.2.6 and previous versions < 2022.3.02022.3.0
solarwindssolarwinds_platform< 2022.3.02022.3.0
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.