Solarwinds · Solarwinds · CVE-2021-35228
Name of the Vulnerable Software and Affected Versions:
No specific software or versions are mentioned in the provided descriptions.
Description:
The issue is caused by missing input sanitization for an output field extracted from headers on a specific section of a page, leading to a reflective cross-site scripting attack. An attacker would need to perform a Man in the Middle attack to change the header for a remote victim.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.