Vulnerabilities > Solarwinds > Serv U FTP Server > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-05 | CVE-2020-22428 | Cross-site Scripting vulnerability in Solarwinds Serv-U FTP Server and Serv-U MFT Server SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload. | 3.5 |
| 2019-12-18 | CVE-2019-19829 | Cross-site Scripting vulnerability in Solarwinds Serv-U FTP Server 15.1.7 A cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different vulnerability than CVE-2018-19934 and CVE-2019-13182. | 3.5 |
| 2019-12-16 | CVE-2019-13182 | Cross-site Scripting vulnerability in Solarwinds Serv-U FTP Server 15.1.7 A stored cross-site scripting (XSS) vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7. | 3.5 |
| 2019-03-21 | CVE-2018-19934 | Cross-site Scripting vulnerability in Solarwinds Serv-U FTP Server 15.1.6.25 SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting (XSS) in the Web management interface via URL path and HTTP POST parameter. | 3.5 |