7 matches found
CVE-2022-25256
SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...
CVE-2022-25256
SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...
CVE-2022-25256
SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...
Cross site scripting
SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...
CVE-2022-25256
SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...
CVE-2022-25256
CVE-2022-25256 affects SAS Web Report Studio 4.4. The flaw is an XSS in /SASWebReportStudio/logonAndRender.do mediated by two parameters, saspfs_request_backlabel_list and saspfs_request_backurl_list. The second parameter can route to a malicious page and can execute JavaScript via a javascript: ...
Sas Institute Sas Web Report Studio 跨站脚本漏洞
Sas Institute Sas Web Report Studio is a web application from Sas Institute, Inc. It is used to view, interact with, create, and distribute public and private reports. A cross-site scripting vulnerability exists in Sas Institute Sas Web Report Studio, which stems from Do having two parameters:...