2 matches found
CVE-2020-28409
The server in Dundas BI through 8.0.0.1001 allows XSS via addition of a Component e.g., a button when events such as click, hover, etc. occur...
CVE-2020-28409
The CVE-2020-28409 entry describes a reflected/in-page XSS in Dundas BI up to version 8.0.0.1001, triggered by adding a UI Component (for example, a button) and subsequent events such as click or hover. The vulnerability affects Dundas BI’s server-side handling when these events occur, enabling s...