SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE) vulnerability that could lead to information disclosure. A valid, low-privilege access is required unless the attacker had access to the local server to modify configuration files.
Metrics
Affected Vendors & Products
References
History
Wed, 30 Jul 2025 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Solarwinds
Solarwinds web Help Desk |
|
Vendors & Products |
Solarwinds
Solarwinds web Help Desk |
Tue, 29 Jul 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 29 Jul 2025 08:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE) vulnerability that could lead to information disclosure. A valid, low-privilege access is required unless the attacker had access to the local server to modify configuration files. | |
Title | SolarWinds Web Help Desk XML External Entity Injection (XXE) Vulnerability | |
Weaknesses | CWE-611 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: SolarWinds
Published: 2025-07-29T08:07:38.230Z
Updated: 2025-07-29T13:47:18.609Z
Reserved: 2025-02-08T00:19:09.395Z
Link: CVE-2025-26400

Updated: 2025-07-29T13:47:14.712Z

Status : Awaiting Analysis
Published: 2025-07-29T08:15:26.053
Modified: 2025-07-29T14:14:29.590
Link: CVE-2025-26400

No data.