SolarWinds DPA Stored XSS Enables Script Execution
CVE-2026-28322 Published on June 30, 2026
SolarWinds Database Performance Analyzer Stored Cross-Site Scripting Vulnerability
SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
Vulnerability Analysis
Attack Vector:
ADJACENT_NETWORK
Attack Complexity:
HIGH
Privileges Required:
HIGH
User Interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
NONE
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2026-28322
Want to know whenever a new CVE is published for SolarWinds Database Performance Analyzer? stack.watch will email you.