CVE-2026-28298 | SolarWinds Observability Self-Hosted 2025.2/2025.2.1 cross site scripting

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability marked as problematic has been reported in SolarWinds Observability Self-Hosted 2025.2/2025.2.1. This impacts an unknown function. Performing a manipulation results in cross site scripting.

This vulnerability is reported as CVE-2026-28298. The attacker must have access to the local network to execute the attack. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-28298 | SolarWinds Observability Self-Hosted 2025.2/2025.2.1 cross site scripting

Post correlati

CVE-2023-51547 | WPManageNinja Fluent Support Plugin up to 1.7.6 on WordPress sql injection

CVE-2023-5404 | Honeywell Experion Server heap-based overflow

CVE-2024-29731 | SportsNET 4.0.1 checkBlindFields idChallenge/idEmpresa sql injection

CVE-2024-22284 | Thomas Belser Asgaros Forum Plugin up to 2.7.2 on WordPress deserialization