Vulnerabilities > Solarwinds > Network Performance Monitor Orion Platform 2018 Netpath

DATE CVE VULNERABILITY TITLE RISK
2020-02-17 CVE-2019-12954 Cross-site Scripting vulnerability in Solarwinds products
SolarWinds Network Performance Monitor (Orion Platform 2018, NPM 12.3, NetPath 1.1.3) allows XSS by authenticated users via a crafted onerror attribute of a VIDEO element in an action for an ALERT.
network
low complexity
solarwinds CWE-79
5.4