MicroStrategy Web SDK is a JavaScript library from MicroStrategy, Inc. Interacts with different CARTO APIs to build custom applications that utilize vector rendering on top of deck.gl. A cross-site scripting vulnerability exists in MicroStrategy Web SDK 10.11 and prior versions, which stems from a lack of filtering and escaping of the fileToUpload parameter, and can be exploited by attackers to execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
microstrategy web sdk | le | 10.11 |