Description
Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface before 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote attackers to inject arbitrary web script or HTML via the "Search for an IP address" field.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Anthony Trummer · textwebappsasp
https://www.exploit-db.com/exploits/37995
References (1)
Core 1
Core References
Exploit, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/203844
Scores
EPSS
0.0977
EPSS Percentile
93.0%
Details
CWE
CWE-79
Status
published
Products (10)
solarwinds/ip_address_manager_web_interface
< 3.0
solarwinds/orion_network_performance_monitor
solarwinds/orion_network_performance_monitor
10.0
solarwinds/orion_network_performance_monitor
10.1
solarwinds/orion_network_performance_monitor
10.1.13.0
solarwinds/orion_network_performance_monitor
10.2
solarwinds/orion_network_performance_monitor
10.2.1
solarwinds/orion_network_performance_monitor
10.2.2
solarwinds/orion_network_performance_monitor
10.3
solarwinds/orion_network_performance_monitor
10.3.1
Published
Oct 31, 2012
Tracked Since
Feb 18, 2026