3 matches found
CVE-2021-41372
Summary of CVE-2021-41372 (Power BI Report Server) : A combination of XSS and CSRF vulnerabilities occurs when a Power BI Report Server Template file (pbix) containing HTML is uploaded and HTML is accessed by a victim. Root cause: insufficient sanitization of file uploads, enabling uploaded templ...
Escalation of privilege possible in Power BI Report Server (September, May 2021): March 4, 2022 (KB5007903)
Escalation of privilege possible in Power BI Report Server September, May 2021: March 4, 2022 KB5007903 INTRODUCTION Microsoft has released security update guide CVE-2021-41372 for Power BI Report Server. See the complete guide at...
Vulnerability fixed in Microsoft SQL Server
Microsoft has fixed a vulnerability in Microsoft SQL Server. The vulnerability allows a malicious party to launch Cross-Site Scripting XSS and Cross-Site Request Forgery CSRF attack. execute. By combining the two methods, an attacker can execute arbitrary code on the server under the privileges o...