CVE-2020-22983

2022-05-1312:31:11

mitre

www.cve.org

8.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.8%

JSON

A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task.

References

microstrategy.com

www.yourcompany.com:8080/MicroStrategy/servlet/taskProc

medium.com/%40win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204

tinyurl.com/

www.microstrategy.com/us/report-a-security-vulnerability