Vulnerability Details CVE-2020-14007
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.6%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2020-14007
-
cpe:2.3:a:solarwinds:orion_network_performance_monitor:2019.4
-
cpe:2.3:a:solarwinds:orion_web_performance_monitor:2019.4.1