Vulnerabilities > Solarwinds > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-03 | CVE-2021-25276 | Incorrect Permission Assignment for Critical Resource vulnerability in Solarwinds Serv-U 15.1.6/15.2.1/15.2.2 In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files (that include users' password hashes) that is world readable and writable. | 3.6 |
| 2021-02-03 | CVE-2020-28001 | Cross-site Scripting vulnerability in Solarwinds Serv-U 15.1.6/15.2.1 SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS. | 3.5 |
| 2021-02-03 | CVE-2020-35482 | Cross-site Scripting vulnerability in Solarwinds Serv-U 15.1.6/15.2.1 SolarWinds Serv-U before 15.2.2 allows authenticated reflected XSS. | 3.5 |
| 2021-01-15 | CVE-2019-16961 | Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via a Schedule Name. | 3.5 |
| 2021-01-04 | CVE-2019-16956 | Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket. | 3.5 |
| 2021-01-04 | CVE-2019-16960 | Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via a CSV template file with a crafted Location Name field. | 3.5 |
| 2020-12-18 | CVE-2019-16955 | Cross-site Scripting vulnerability in Solarwinds Webhelpdesk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request. | 3.5 |
| 2020-12-18 | CVE-2019-16957 | Cross-site Scripting vulnerability in Solarwinds Webhelpdesk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name field of a User Account. | 3.5 |
| 2020-12-16 | CVE-2020-25621 | Improper Authentication vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. | 2.1 |
| 2020-12-16 | CVE-2020-25619 | Unspecified vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. | 3.6 |