Vulnerabilities > Solarwinds > Orion Network Performance Monitor > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-06-24 CVE-2020-14007 Cross-site Scripting vulnerability in Solarwinds products
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition.
network
low complexity
solarwinds CWE-79
5.4
5.4
2020-06-24 CVE-2020-14006 Cross-site Scripting vulnerability in Solarwinds products
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team.
network
low complexity
solarwinds CWE-79
5.4
5.4