Shabeer Ali

**Name of the Vulnerable Software and Affected Versions** SolarWinds Observability Self-Hosted (affected versions not specified) **Description** The issue concerns an open redirection vulnerability where the URL is not properly sanitized. This could allow an attacker to manipulate the string and redirect a user to a malicious site. The attack complexity is high, and authentication is required. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SolarWinds Observability Self-Hosted (affected versions not specified) **Description** The issue is related to a cross-site scripting (XSS) vulnerability due to an unsanitized field in the URL. The attack requires authentication using an administrator-level account and user interaction is required. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.