SolarWinds Database Performance Analyzer 11.1.457 XSS CVE-2018-19386 Scanner

Details
Stay Up To Date
Asset Type

domain,ip,url

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

SolarWinds Database Performance Analyzer 11.1.457 XSS CVE-2018-19386 Scanner Detail

Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload.

SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI.

Some Advice for Common Problems

You should update to latest version.

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service