Vulnerabilities > Solarwinds > Serv U MFT Server

DATE CVE VULNERABILITY TITLE RISK
2021-05-05 CVE-2020-22428 Cross-site Scripting vulnerability in Solarwinds Serv-U FTP Server and Serv-U MFT Server
SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload.
network
low complexity
solarwinds CWE-79
4.8
2019-06-17 CVE-2019-12181 OS Command Injection vulnerability in Solarwinds Serv-U FTP Server and Serv-U MFT Server
A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.
network
low complexity
solarwinds CWE-78
8.8