Name of the Vulnerable Software and Affected Versions:

SolarWinds Web Help Desk (affected versions not specified)

Description:

SolarWinds Web Help Desk is susceptible to an XML External Entity (XXE) injection issue that may result in information disclosure. Successful exploitation requires valid, low-privilege access, or access to the local server to modify configuration files.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.