CVE-2010-4828

SolarWinds Orion NPM 10.1 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) 10.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Title parameter to MapView.aspx; NetObject parameter to (2) NodeDetails.aspx and (3) InterfaceDetails.aspx; and the (4) ChartName parameter to CustomChart.aspx.

References (5)

Scores

EPSS 0.0275
EPSS Percentile 85.8%

Classification

CWE
CWE-79
Status published

Affected Products (2)

solarwinds/orion_network_performance_monitor
n/a/n/a

Timeline

Published Aug 24, 2011
Tracked Since Feb 18, 2026