Reflected XSS Vulnerability in SolarWinds Database Performance Analyzer 11.1.457

Reflected XSS Vulnerability in SolarWinds Database Performance Analyzer 11.1.457

CVE-2018-19386 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI.

Learn more about our Web Application Penetration Testing UK.