WebHelpDesk
by SolarWinds
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-28299 | Hig | 0.53 | 8.2 | 0.00 | Jun 2, 2026 | SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory. | ||
| CVE-2021-35254 | 0.00 | — | 0.01 | Mar 25, 2022 | SolarWinds received a report of a vulnerability related to an input that was not sanitized in WebHelpDesk. SolarWinds has removed this input field to prevent the misuse of this input in the future. | |||
| CVE-2019-20002 | 0.00 | — | 0.01 | Apr 27, 2020 | Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value (provided by a low-privileged user in the Subject field of a help request form) that is mishandled in a TicketActions/view?tab=group TSV export by an admin user. |
- risk 0.53cvss 8.2epss 0.00
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
- CVE-2021-35254Mar 25, 2022risk 0.00cvss —epss 0.01
SolarWinds received a report of a vulnerability related to an input that was not sanitized in WebHelpDesk. SolarWinds has removed this input field to prevent the misuse of this input in the future.
- CVE-2019-20002Apr 27, 2020risk 0.00cvss —epss 0.01
Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value (provided by a low-privileged user in the Subject field of a help request form) that is mishandled in a TicketActions/view?tab=group TSV export by an admin user.