SolarWinds Serv-U Stored XSS Vulnerability
Description
Application is vulnerable to Cross Site Scripting (XSS): an authenticated attacker with users' permissions can modify a variable with a payload.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
SolarWinds Web Help Desk is vulnerable to stored XSS, allowing an authenticated attacker with user permissions to inject malicious payloads via a modifiable variable.
Vulnerability
SolarWinds Web Help Desk is vulnerable to a stored Cross-Site Scripting (XSS) issue [1]. An authenticated attacker who holds user-level permissions can modify a variable within the application to inject a malicious payload [1]. The exact variable and affected versions have not been fully detailed in the available references [1], but the vulnerability requires the attacker to have legitimate user access.
Exploitation
To exploit this vulnerability, an attacker must have an authenticated session and possess at least user-level permissions in SolarWinds Web Help Desk [1]. The attacker then modifies the vulnerable variable by injecting a payload, such as JavaScript code [1]. No further user interaction or network position is mentioned in the references beyond the authenticated access [1].
Impact
Successful exploitation allows the attacker to execute arbitrary script content in the context of the affected application [1]. This can lead to data theft, session hijacking, or defacement, depending on the payload. Since it is stored XSS, the payload persists and may affect other users [1].
Mitigation
SolarWinds has not yet disclosed a fixed version, workaround, or EOL status in the available references [1]. Users should monitor the SolarWinds Trust Center for updates [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
Range: Serv-U 15.4.2 HF2 and previous versions
Patches
No patches discovered yet.
References