SolarWinds.Serv-U.FTP.Server.USER_FULL_NAME.Stored.XSS
Description
This indicates an attack attempt to exploit a Cross-Site Scripting Vulnerability in SolarWinds Serv-U FTP Server.
The vulnerability is due to insufficient sanitizing of user supplied inputs when the vulnerable software handles a maliciously crafted HTTP request. A remote attacker may be able to exploit this to execute arbitrary script code within the context of the target user.
Affected Products
SolarWinds Serv-U FTP Server prior to 15.1.7 Hotfix 2
Impact
System Compromise: Remote attackers can execute arbitrary script code within the context of the target user.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-1-7-Hotfix-2
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |