Solarwinds: >> Serv-U >> 15.4.2 Security Vulnerabilities
Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ permissions can modify a variable with a payload.
CVSS Score
4.8
EPSS Score
0.003
Published
2024-10-16
CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
Known exploited
CVSS Score
8.6
EPSS Score
0.944
Published
2024-06-06
A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly.
CVSS Score
5.7
EPSS Score
0.002
Published
2024-05-03
Page 2