CVE-2023-33229
LowCVSS 3.5Exploitation Probability (EPSS)
Elevated risk51th percentile — higher than 51% of all known CVEs
Summary
The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject passive HTML.
Risk Assessment
This threat could lead to XSS attacks, potentially resulting in data theft or session hijacking. Organizations should be aware of the risks associated with unauthorized access to their systems.
Recommendation
It is recommended to update the SolarWinds platform to the latest version and implement appropriate security measures to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject passive HTML.

