What the vulnerability does
01Description
XSS attack was possible in DPA 2023.2 due to insufficient input validation
CVE-2023-33231
MEDIUM
CVE-2023-33231: XSS in SolarWinds Database Performance Analyzer 2023.2
CVSS base score
6.1/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Key dates
02Disclosure timeline
July 18, 2023
CVE published
October 21, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-68165
CVE-2024-33986 Cross-Site Scripting (XSS) vulnerability in Janobe products
CVE-2025-11860 Twitter Feed <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2023-2387 Netgear SRX5308 Web Management Interface cross site scripting
CVE-2024-30186 WordPress Prime Slider plugin <= 3.13.1 - Cross Site Scripting (XSS) vulnerability
