2 matches found
CVE-2020-22983
A Server-Side Request Forgery SSRF vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery SSRF attack via the srcURL parameter to the shortURL task...
CVE-2020-22983
The CVE-2020-22983 entry concerns a Server-Side Request Forgery (SSRF) in MicroStrategy Web SDK 11.1 and earlier. The root cause is a lack of authentication and data filtering of the srcURL parameter used by the shortURL task, enabling remote unauthenticated attackers to trigger SSRF via that par...