Medium severity5.4NVD Advisory· Published May 11, 2021· Updated Jun 17, 2026
CVE-2021-32604
CVE-2021-32604
Description
Share/IncomingWizard.htm in SolarWinds Serv-U before 15.2.3 mishandles the user-supplied SenderEmail parameter, aka "Share URL XSS."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- SolarWinds/Serv-Udescription
- Range: <15.2.3
Patches
Vulnerability mechanics
References
3- www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/solarwinds-serv-u-1523-share-url-xss-cve-2021-32604/nvdExploitThird Party Advisory
- www.trustwave.com/en-us/resources/security-resources/security-advisories/nvdExploitThird Party Advisory
- documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-3_release_notes.htmnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.