All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-28322
MEDIUMpublished 2026-06-30 23:17 UTC · 4 days ago · modified 2026-07-02 05:16 UTC
5.6
CVSS / 10
// description
SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
// weaknesses (CWE)
- CWE-20
// references (3)
- https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2026-2_release_notes.htm
- https://support.solarwinds.com/SuccessCenter/s/article/DPA-Secure-Configuration-Guide-Best-Practices-and-Recommendations?language=en_US
- https://www.solarwinds.com/trust-center/security-advisories/cve-2026-28322