Microsoft SQL Server Reporting Services 2016 ViewState deserialization vulnerability

Added: 09/25/2020 CVE: CVE-2020-0618 Background Microsoft SQL Server Reporting Services is a set of tools and services for creating, deploying, and managing mobile and paginated reports. Problem A deserialization vulnerability in Microsoft SQL Server Reporting Services 2016 allows a remote,...

Microsoft SQL Server Reporting Services 2016 ViewState deserialization vulnerability

Added: 09/25/2020 CVE: CVE-2020-0618 Background Microsoft SQL Server Reporting Services is a set of tools and services for creating, deploying, and managing mobile and paginated reports. Problem A deserialization vulnerability in Microsoft SQL Server Reporting Services 2016 allows a remote,...

Security Updates for Microsoft SQL Server Reporting Services (September 2020)

The Microsoft SQL Server Reporting Services installation on the remote host is missing a security update. It is, therefore, affected by a security feature bypass vulnerability in SQL Server Reporting Services SSRS due to improper validation of uploaded attachments to reports. An authenticated,...

CVE-2020-0618

A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'...

CVE-2019-1332

A cross-site scripting XSS vulnerability exists when Microsoft SQL Server Reporting Services SSRS does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'...

Cross site scripting

A cross-site scripting XSS vulnerability exists when Microsoft SQL Server Reporting Services SSRS does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'...