Vulnerabilities > Solarwinds > Orion Network Performance Monitor > 2019.4

DATE CVE VULNERABILITY TITLE RISK
2020-06-24 CVE-2020-14007 Cross-site Scripting vulnerability in Solarwinds products
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition.
network
solarwinds CWE-79
3.5
3.5
2020-06-24 CVE-2020-14006 Cross-site Scripting vulnerability in Solarwinds products
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team.
network
solarwinds CWE-79
3.5
3.5
2020-06-24 CVE-2020-14005 Unspecified vulnerability in Solarwinds products
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote attackers to execute arbitrary code via a defined event.
network
low complexity
solarwinds
8.8
8.8