First published: Wed Jan 06 2021(Updated: )
SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SolarWinds Web Help Desk | =12.7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-16954 is a vulnerability in SolarWinds Web Help Desk 12.7.0 that allows HTML injection via a Comment in a Help Request ticket.
CVE-2019-16954 has a severity rating of 5.4 (medium).
CVE-2019-16954 affects SolarWinds Web Help Desk 12.7.0 by allowing HTML injection via a Comment in a Help Request ticket.
Yes, CVE-2019-16954 can be fixed by applying the necessary patches or updates provided by SolarWinds.
You can find more information about CVE-2019-16954 in the references provided: [https://support.solarwinds.com/SuccessCenter/s/](https://support.solarwinds.com/SuccessCenter/s/), [https://www.esecforte.com/html-injection-vulnerability-in-solarwinds-web-help-desk/](https://www.esecforte.com/html-injection-vulnerability-in-solarwinds-web-help-desk/), [https://www.solarwinds.com/free-tools/free-help-desk-software](https://www.solarwinds.com/free-tools/free-help-desk-software).