3 matches found
CVE-2019-1332
A cross-site scripting XSS vulnerability exists when Microsoft SQL Server Reporting Services SSRS does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'...
KB4535706 - Description of the security update for SQL Server 2016 SP2 CU11: February 11, 2020
KB4535706 - Description of the security update for SQL Server 2016 SP2 CU11: February 11, 2020 Summary A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services if it incorrectly handles page requests. An attacker who successfully exploits this vulnerability could...
CVE-2019-1332
CVE-2019-1332 is an XSS in Microsoft SQL Server Reporting Services (SSRS) caused by inadequate sanitization of crafted web requests. Affected product: SSRS within SQL Server deployments. Impact per documentation: cross-site scripting could enable script execution in the context of the SSRS user. ...