Vulnerabilities > Solarwinds > WEB Help Desk
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-10 | CVE-2021-35251 | Information Exposure Through an Error Message vulnerability in Solarwinds web Help Desk Sensitive information could be displayed when a detailed technical error message is posted. | 5.0 |
2021-12-23 | CVE-2021-35243 | Unspecified vulnerability in Solarwinds web Help Desk The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.7 and earlier), allowing users to execute dangerous HTTP requests. | 5.0 |
2021-08-26 | CVE-2021-32076 | Authentication Bypass by Spoofing vulnerability in Solarwinds web Help Desk Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2. | 5.3 |
2021-01-15 | CVE-2019-16961 | Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via a Schedule Name. | 3.5 |
2021-01-06 | CVE-2019-16954 | Injection vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket. | 4.9 |
2021-01-04 | CVE-2019-16960 | Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via a CSV template file with a crafted Location Name field. | 3.5 |
2021-01-04 | CVE-2019-16956 | Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket. | 3.5 |