CVE-2022-38106
Cross-Site Scripting Vulnerability in Serv-U Web Client
CVSS Score
5.4
EPSS Score
0.0%
EPSS Percentile
0th
This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function.
| CWE | CWE-79 |
| Vendor | solarwinds |
| Product | serv-u file server |
| Published | Dec 16, 2022 |
| Last Updated | Aug 3, 2024 |
Stay Ahead of the Next One
Get instant alerts for solarwinds serv-u file server
Be the first to know when new medium vulnerabilities affecting solarwinds serv-u file server are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
Affected Versions
SolarWinds / Serv-U File Server
15.3.0
References
solarwinds.com: https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38106 cve.mitre.org: https://cve.mitre.org/cgi-bin/cvename.cgi?name=%20CVE-2022-38106 documentation.solarwinds.com: https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-2_release_notes.htm