Intrusion Prevention



This indicates an attack attempt to exploit a Cross-Site Scripting vulnerability in SolarWinds Orion IPAM's web interface.
The vulnerability is due to insufficient sanitizing of user-supplied input, which is echoed back to the user. An attacker can exploit this issue to inject HTML and script code, which will be executed in the target user's browser in the security context of the vulnerable site.

Affected Products

SolarWinds Orion IPAM prior to v3.0-HotFix1


System Compromise: Remote attackers can enable non-privileged code execution.

Recommended Actions

The vendor, SolarWinds, has released the following patch

CVE References