Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS

🗓️ 21 Dec 2020 00:00:00Reported by Marco NappiType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 205 Views

Flexmonster Pivot Table & Charts 2.7.17 'To OLAP' Reflected XSS vulnerability

Related
Code
ReporterTitlePublishedViews
Family
Circl		CVE-2020-20141
18 Dec 202002:43
circl
CNNVD		Flexmonster Pivot Table & Charts Cross-Site Scripting Vulnerability
17 Dec 202000:00
cnnvd
CVE		CVE-2020-20141
17 Dec 202022:38
cve
Cvelist		CVE-2020-20141
17 Dec 202022:38
cvelist
EUVD		EUVD-2020-12928
7 Oct 202500:30
euvd
NVD		CVE-2020-20141
17 Dec 202023:15
nvd
OSV		CVE-2020-20141
17 Dec 202023:15
osv
Packet Storm		Flexmonster Pivot Table And Charts 2.7.17 Cross Site Scripting
17 Dec 202000:00
packetstorm
Prion		Cross site scripting
17 Dec 202023:15
prion
RedhatCVE		CVE-2020-20141
22 May 202517:00
redhatcve
Rows per page
# Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS
# Date: 08/01/2020
# Exploit Author: Marco Nappi
# Vendor Homepage: https://www.flexmonster.com/
# Version:Flexmonster Pivot Table & Charts 2.7.17
# Tested on:Flexmonster Pivot Table & Charts 2.7.17
# CVE : CVE-2020-20141

Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17.

Reflected XSS:
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.

payload:
<svg onload=alert("OLAPTool")><!--

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Dec 2020 00:00Current
6.4Medium risk
Vulners AI Score6.4
CVSS 24.3
CVSS 3.16.1
EPSS0.00626
flexmonster pivot table" "charts 2.7.17" "to olap" "reflected xss" "connect menu" "xmla" "cve-2020-20141" "cross site scripting" "input sanitization" "file specifications" "xss payload" "security vulnerability
205