2 matches found
CVE-2020-22985
Cross-Site Scripting XSS vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task...
CVE-2020-22985
CVE-2020-22985 : Concrete details from multiple sources show a Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier. The flaw enables remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task. Affected component ...