CVE-2018-18776

2018-11-01T17:29:00
ID CVE-2018-18776
Type cve
Reporter cve@mitre.org
Modified 2018-12-12T14:05:00

Description

Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the admin/admin.asp ShowAll parameter. NOTE: this is a deprecated product.