CVE-2012-4939
SolarWinds Orion <3.0-HotFix1 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface before 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote attackers to inject arbitrary web script or HTML via the "Search for an IP address" field.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Anthony Trummer · textwebappsasp
https://www.exploit-db.com/exploits/37995
Scores
EPSS
0.0977
EPSS Percentile
92.9%
Details
CWE
CWE-79
Status
published
Products (11)
solarwinds/ip_address_manager_web_interface
< 3.0
solarwinds/orion_network_performance_monitor
solarwinds/orion_network_performance_monitor
solarwinds/orion_network_performance_monitor
solarwinds/orion_network_performance_monitor
solarwinds/orion_network_performance_monitor
solarwinds/orion_network_performance_monitor
solarwinds/orion_network_performance_monitor
solarwinds/orion_network_performance_monitor
solarwinds/orion_network_performance_monitor
... and 1 more
Published
Oct 31, 2012
Tracked Since
Feb 18, 2026