CVE-2024-52612

MEDIUM 6.8

SolarWinds Platform Reflected Cross-Site Scripting Vulnerability

CVSS Score

6.8

EPSS Score

0.0%

EPSS Percentile

0th

SolarWinds Platform is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters. This vulnerability requires authentication by a high- privileged account to be exploitable.

CWE	CWE-79
Vendor	solarwinds
Product	solarwinds platform
Published	Feb 11, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for solarwinds solarwinds platform

Be the first to know when new medium vulnerabilities affecting solarwinds solarwinds platform are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

SolarWinds / SolarWinds Platform

2024.4.1 and previous versions

References

NVD ↗ CVE.org ↗ EPSS Data ↗

documentation.solarwinds.com: https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2025-1_release_notes.htm solarwinds.com: https://www.solarwinds.com/trust-center/security-advisories/cve-2024-52612