CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-13169

Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.4%

CVSS Severity

CVSS v3 Score 9.0

CVSS v2 Score 3.5

References

Products affected by CVE-2020-13169

Solarwinds » Orion Platform » Version: 2016.1

cpe:2.3:a:solarwinds:orion_platform:2016.1
Solarwinds » Orion Platform » Version: 2016.2

cpe:2.3:a:solarwinds:orion_platform:2016.2
Solarwinds » Orion Platform » Version: 2017.1

cpe:2.3:a:solarwinds:orion_platform:2017.1
Solarwinds » Orion Platform » Version: 2017.3

cpe:2.3:a:solarwinds:orion_platform:2017.3
Solarwinds » Orion Platform » Version: 2018.2

cpe:2.3:a:solarwinds:orion_platform:2018.2
Solarwinds » Orion Platform » Version: 2018.4

cpe:2.3:a:solarwinds:orion_platform:2018.4
Solarwinds » Orion Platform » Version: 2019.2

cpe:2.3:a:solarwinds:orion_platform:2019.2
Solarwinds » Orion Platform » Version: 2019.4

cpe:2.3:a:solarwinds:orion_platform:2019.4
Solarwinds » Orion Platform » Version: 2019.4.2

cpe:2.3:a:solarwinds:orion_platform:2019.4.2
Solarwinds » Orion Platform » Version: 2020.2

cpe:2.3:a:solarwinds:orion_platform:2020.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-13169

Products

Pricing

Contact Us