solarwinds network-performance-monitor-orion-platform-2018-netpath CVE-2019-12954 vulnerability in SolarWinds Products
Published on February 17, 2020

SolarWinds Network Performance Monitor (Orion Platform 2018, NPM 12.3, NetPath 1.1.3) allows XSS by authenticated users via a crafted onerror attribute of a VIDEO element in an action for an ALERT.

NVD


Products Associated with CVE-2019-12954

stack.watch emails you whenever new vulnerabilities are published in SolarWinds Network Performance Monitor Orion Platform 2018 Netpath or SolarWinds Network Performance Monitor Orion Platform 2018 Npm. Just hit a watch button to start following.

SolarWinds Network Performance Monitor Orion Platform 2018 Netpath
 
SolarWinds Network Performance Monitor Orion Platform 2018 Npm
 

Exploit Probability

EPSS
2.89%
Percentile
86.08%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.