Summary: SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter.Published: Tuesday, July 16, 2019 - 14:15cvss: