CVE-2026-28297 | SolarWinds Observability Self-Hosted 2025.2/2025.2.1 cross site scripting

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability labeled as problematic has been found in SolarWinds Observability Self-Hosted 2025.2/2025.2.1. This affects an unknown function. Such manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2026-28297. The attack requires being on the local network. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-28297 | SolarWinds Observability Self-Hosted 2025.2/2025.2.1 cross site scripting

Post correlati

CVE-2025-11360 | jakowenko double-take up to 1.13.1 API api/src/app.js app.use X-Ingress-Path cross site scripting

CVE-2023-33110 | Qualcomm 4 Gen 1 Mobile Platform PCM Host Voice Audio Driver race condition

CVE-2023-6879 | libaom up to 3.7.0 Multi-Thread av1_loop_restoration_dealloc heap-based overflow

CVE-2025-5074 | FreeFloat FTP Server 1.0 PROMPT Command buffer overflow