Posted by Jack Misiura via Fulldisclosure on Feb 11
Title: Stored XSS
Product: SolarWinds Serv-U FTP Server
Vendor Homepage: https://www.solarwinds.com/
Vulnerable Version: 15.2.1 and lower
Fixed Version: 15.2.2
CVE Number: CVE-2020-28001
Author: Jack Misiura from The Missing Link
Website: https://www.themissinglink.com.au
Timeline:
2020-10-30 Disclosed to Vendor
2021-01-21 Vendor releases patched version
2021-08-02 Publication
1. Vulnerability Description
SolarWinds Serv-U FTP…
– Read More – Full Disclosure