exploitDog

CVE-2023-33231

Опубликовано: 18 июл. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

XSS attack was possible in DPA 2023.2 due to insufficient input validation

Ссылки

https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2-100_release_notes.htm
Release Notes
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33231
Patch
Vendor Advisory
https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2-100_release_notes.htm
Release Notes
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33231
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:solarwinds:database_performance_analyzer:*:*:*:*:*:*:*:*

Версия до 2023.2.100 (исключая)

EPSS

Процентиль: 65%

0.00492

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-w9jr-jx8g-86rc

CVSS3: 5.4

github

больше 2 лет назад

XSS attack was possible in DPA 2023.2 due to insufficient input validation

EPSS

Процентиль: 65%

0.00492

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79