4 matches found
Microstrategy Web 7 - Cross-Site Scripting
Microstrategy Web 7 does not sufficiently encode user-controlled inputs, resulting in cross-site scripting via the Login.asp Msg parameter. id: CVE-2018-18775 info: name: Microstrategy Web 7 - Cross-Site Scripting author: 0xAkoko severity: medium description: Microstrategy Web 7 does not...
CVE-2018-18775
The vulnerability CVE-2018-18775 affects Microstrategy Web 7, where Login.asp Msg parameter input is not sufficiently encoded, causing a Cross-Site Scripting (XSS). The NVD entry notes input encoding weaknesses leading to XSS with a base CVSS v3.0 score of 6.1 (Network, Low user interaction requi...
Microstrategy Web 7 Cross Site Scripting / Traversal
!-- Exploit Title: Cross Site Scripting in Microstrategy Web version 7 Date: 29-10-2018 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.microstrategy.com Software Link: https://www.microstrategy.com Version: Microstrategy Web version 7 Tested on: Unix CVE : CVE-2018-18775 Category:...
Microstrategy Web 7 - Cross-Site Scripting Directory Traversal
Microstrategy Web 7 - Cross-Site Scripting Directory Traversal !-- Exploit Title: Cross Site Scripting in Microstrategy Web version 7 Date: 29-10-2018 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.microstrategy.com Software Link: https://www.microstrategy.com Version: Microstrategy...