CVE-2022-38106: Cross-Site Scripting Vulnerability in Serv-U Web Client
First published: Fri Dec 16 2022(Updated: )
This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function.
Credit: psirt@solarwinds.com psirt@solarwinds.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SolarWinds Serv-U | =15.3.0 | |
| SolarWinds Serv-U | =15.3.1 |
Remedy
SolarWinds advises to upgrade to the latest version of Serv-U File Server 15.3.2 once became generally available.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-38106.
What is the severity of CVE-2022-38106?
The severity of CVE-2022-38106 is medium (5.4).
Which versions of SolarWinds Serv-U are affected by CVE-2022-38106?
The versions 15.3.0 and 15.3.1 of SolarWinds Serv-U are affected by CVE-2022-38106.
What is the CWE number for CVE-2022-38106?
The CWE number for CVE-2022-38106 is CWE-79.
How can I fix the vulnerability CVE-2022-38106?
To fix CVE-2022-38106, update your SolarWinds Serv-U software to version 15.3.2 or higher.
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- agent/weakness
- agent/references
- agent/description
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/remedy
- agent/last-modified-date
- agent/tags
- agent/event
- agent/first-publish-date
- vendor/solarwinds
- canonical/solarwinds serv-u
- version/solarwinds serv-u/15.3.0
- version/solarwinds serv-u/15.3.1