CVE-2026-28322
SolarWinds Database Performance Analyzer Stored Cross-Site Scripting Vulnerability
CVSS Score
5.6
EPSS Score
0.0%
EPSS Percentile
0th
SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
| CWE | CWE-20 |
| Vendor | solarwinds |
| Product | database performance analyzer |
| Published | Jun 30, 2026 |
Stay Ahead of the Next One
Get instant alerts for solarwinds database performance analyzer
Be the first to know when new medium vulnerabilities affecting solarwinds database performance analyzer are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
High
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Affected Versions
SolarWinds / Database Performance Analyzer
2026.1 and below
References
solarwinds.com: https://www.solarwinds.com/trust-center/security-advisories/cve-2026-28322 documentation.solarwinds.com: https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2026-2_release_notes.htm support.solarwinds.com: https://support.solarwinds.com/SuccessCenter/s/article/DPA-Secure-Configuration-Guide-Best-Practices-and-Recommendations?language=en_US