Home

Description

A vulnerability in which an attacker can provide a crafted external URL that may redirect a user to an unintended website.

PUBLISHED Reserved 2026-02-26 | Published 2026-06-09 | Updated 2026-06-09 | Assigner SolarWinds




MEDIUM: 4.8CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

Product status

Default status
affected

2026.1 and previous versions
affected

References

documentation.solarwinds.com/...hco_2026-2_release_notes.htm release-notes

www.solarwinds.com/...ter/security-advisories/CVE-2026-28301 vendor-advisory

documentation.solarwinds.com/...ore-secure-configuration.htm

cve.org (CVE-2026-28301)

nvd.nist.gov (CVE-2026-28301)

Download JSON