SolarWinds Orion Network Performance Monitor (NPM) Multiple Cross Site Scripting Vulnerabilities Network Vulnerability

Summary

SolarWinds Orion NPM is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user- supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. SolarWinds Orion Network Performance Monitor (NPM) 10.1 is vulnerable other versions may also be affected.

References

http://www.solarwinds.com/
https://www.securityfocus.com/bid/45257

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4828

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe ColdFusion Unspecified Information Disclosure Vulnerability
AMSI 'file' Parameter Directory Traversal Vulnerability
APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
Apache Subversion Module Metadata Accessible
Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities

Take action and discover your vulnerabilities