Skip to main content

Solarwinds Observability Self Hosted EUVDEUVD-2026-16183

| CVE-2026-28297 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-03-26 SolarWinds
6.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Mar 26, 2026 - 14:30 euvd
EUVD-2026-16183
Analysis Generated
Mar 26, 2026 - 14:30 vuln.today
CVE Published
Mar 26, 2026 - 14:01 nvd
MEDIUM 6.1

DescriptionCVE.org

SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.

AnalysisAI

SolarWinds Observability Self-Hosted versions 2026.1.1 and earlier contain a stored cross-site scripting vulnerability that allows authenticated attackers with high privileges to inject malicious scripts into the application, resulting in unintended script execution within the security context of the affected system. The vulnerability requires administrative or high-privilege access and does not currently show evidence of active exploitation, though the ability to persist malicious payloads in stored data represents a significant insider threat. Affected organizations should prioritize patching to versions after 2026.1.1 to eliminate the XSS attack surface.

Technical ContextAI

The vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting or XSS). In stored XSS attacks, malicious input is persisted in a backend data store and executed in victims' browsers when that data is rendered without proper output encoding or sanitization. SolarWinds Observability Self-Hosted (CPE: cpe:2.3:a:solarwinds:solarwinds_observability_self-hosted:*:*:*:*:*:*:*:*) is a self-hosted observability platform; the vulnerability likely affects user input fields, configuration parameters, or data ingestion pathways where scripts can be stored and later reflected to other users or administrative interfaces. Stored XSS in monitoring/observability platforms is particularly dangerous because these systems are typically accessed by privileged users and trusted administrators.

RemediationAI

Upgrade SolarWinds Observability Self-Hosted to a version after 2026.1.1 as documented in the vendor's security advisory. Until patching can be completed, implement network segmentation to restrict access to the self-hosted observability platform from trusted administrative networks only, enforce strong authentication and session management for high-privilege accounts, and monitor audit logs for unauthorized modifications to stored data or suspicious script injection attempts. Additional details on patched versions and deployment procedures are available at https://www.solarwinds.com/trust-center/security-advisories/CVE-2026-28297 and the release notes at https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/hco_2026-1-1_release_notes.htm.

Share

EUVD-2026-16183 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy