CVE-2020-22428
SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload.
Date published : 2021-05-04
https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-1-6-Hotfix-3?language=en_US