CVE-2024-45712

low

Description

SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low.

References

https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45712

https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-1_release_notes.htm

Details

Source: Mitre, NVD

Published: 2025-04-15

Updated: 2025-04-15

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:N/AC:H/Au:S/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 2.6

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N