CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-32604

Share/IncomingWizard.htm in SolarWinds Serv-U before 15.2.3 mishandles the user-supplied SenderEmail parameter, aka "Share URL XSS."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.7%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2021-32604

Solarwinds » Serv-U » Version: 15.1

cpe:2.3:a:solarwinds:serv-u:15.1
Solarwinds » Serv-U » Version: 15.1.1

cpe:2.3:a:solarwinds:serv-u:15.1.1
Solarwinds » Serv-U » Version: 15.1.2

cpe:2.3:a:solarwinds:serv-u:15.1.2
Solarwinds » Serv-U » Version: 15.1.3

cpe:2.3:a:solarwinds:serv-u:15.1.3
Solarwinds » Serv-U » Version: 15.1.4

cpe:2.3:a:solarwinds:serv-u:15.1.4
Solarwinds » Serv-U » Version: 15.1.5

cpe:2.3:a:solarwinds:serv-u:15.1.5
Solarwinds » Serv-U » Version: 15.1.6

cpe:2.3:a:solarwinds:serv-u:15.1.6
Solarwinds » Serv-U » Version: 15.1.7

cpe:2.3:a:solarwinds:serv-u:15.1.7
Solarwinds » Serv-U » Version: 15.2.1

cpe:2.3:a:solarwinds:serv-u:15.2.1
Solarwinds » Serv-U » Version: 15.2.2

cpe:2.3:a:solarwinds:serv-u:15.2.2

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved