8 matches found
Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS
Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version:Flexmonster Pivot Table & Charts 2.7.17 Tested on:Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20141 Cross...
Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS
Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version: Flexmonster Pivot Table & Charts 2.7.17 Tested on: Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20139...
CVE-2020-20140
Cross Site Scripting XSS vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20141
Cross Site Scripting XSS vulnerability in the To OLAP XMLA component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
Cross site scripting
Cross Site Scripting XSS vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17...
Cross site scripting
Cross Site Scripting XSS vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20139
Cross Site Scripting XSS vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20142
The provided connected sources confirm CVE-2020-20142 affects Flexmonster Pivot Table & Charts 2.7.17, specifically the "+To Remote CSV" component under the Open menu. The root cause is a reflected XSS due to insufficient input sanitization of the 'path' parameter when fetching file specification...