CVE-2019-20002 is a vulnerability in SolarWinds Webhelpdesk
Published on April 27, 2020
Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value (provided by a low-privileged user in the Subject field of a help request form) that is mishandled in a TicketActions/view?tab=group TSV export by an admin user.
Products Associated with CVE-2019-20002
Want to know whenever a new CVE is published for SolarWinds Webhelpdesk? stack.watch will email you.
Exploit Probability
EPSS
1.05%
Percentile
77.27%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.