Vulnerability Details CVE-2018-19386
SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.233
EPSS Ranking 95.7%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2018-19386
-
cpe:2.3:a:solarwinds:database_performance_analyzer:11.1.457