Posted by Jack Misiura via Fulldisclosure on Feb 11

Title: Stored XSS

Product: SolarWinds Serv-U FTP Server

Vendor Homepage: https://www.solarwinds.com/

Vulnerable Version: 15.2.1 and lower

Fixed Version: 15.2.2

CVE Number: CVE-2020-28001

Author: Jack Misiura from The Missing Link

Website: https://www.themissinglink.com.au

Timeline:

2020-10-30 Disclosed to Vendor

2021-01-21 Vendor releases patched version

2021-08-02 Publication

1. Vulnerability Description

SolarWinds Serv-U FTP…
Read More – Full Disclosure


By |2021-02-12T01:18:50+00:00February 12th, 2021|