WordPress SQL Reporting Services – SSRS Plugin for WordPress Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software SQL Reporting Services – SSRS Plugin for WordPress Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0f07bb007c39 Credits...

WordPress SQL Reporting Services – SSRS Plugin for WordPress plugin <= 1.0.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress SQL Reporting Services – SSRS Plugin for WordPress plugin versions = 1.0.3. Solution No patched version available...

WordPress SQL Reporting Services – SSRS Plugin for WordPress plugin <= 1.0.3 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress SQL Reporting Services – SSRS Plugin for WordPress plugin versions = 1.0.3. Solution No patched version available...

CVE-2020-1044

A security feature bypass vulnerability exists in SQL Server Reporting Services SSRS when the server improperly validates attachments uploaded to reports. An attacker who successfully exploited this vulnerability could upload file types that were disallowed by an administrator. To exploit the...

CVE-2020-1044

CVE-2020-1044 is a security feature bypass in Microsoft SQL Server Reporting Services (SSRS) where the server incorrectly validates attachments uploaded to reports. An authenticated attacker can exploit this by sending a specially crafted request to an affected SSRS server, enabling upload of fil...

CVE-2020-15418

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE 10.0.0.75020200415. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSRSReport class. Due to the improper restriction of XML Extern...

CVE-2019-1332

CVE-2019-1332 is an XSS in Microsoft SQL Server Reporting Services (SSRS) caused by inadequate sanitization of crafted web requests. Affected product: SSRS within SQL Server deployments. Impact per documentation: cross-site scripting could enable script execution in the context of the SSRS user. ...

Release Notes for Veeam ONE 9.0 Update 1

Challenge Release Notes for Veeam ONE 9.0 Update 1 Cause Please confirm you are running Veeam ONE 9 prior to installing this update. You can check this under Help | About in Veeam ONE Monitor Client, the build number should be 9.0.0.xxx. After upgrading, your version build will be 9.0.0.2088. Thi...

MS12-070: Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849) (uncredentialed check)

The remote host has a version of Microsoft SQL Server installed. This version of SQL Server is running SQL Server Reporting Services SRSS, which is affected by a cross-site scripting XSS vulnerability that could allow elevation of privileges. Successful exploitation could allow an attacker to...

MS12-070: Vulnerability in SQL Server could allow elevation of privilege: October 9, 2012

Resolves a vulnerability in Microsoft SQL Server on systems that are running SQL Server Reporting Services SSRS.View products that this article applies to.IntroductionMicrosoft has released security bulletin MS12-070. To view the complete security bulletin, go to one of the following Microsoft...

Hyperlinks in SSRS-based reports do not work

Challenge Some hyperlinks in SSRS-based reports expire in 20 minutes version 6.0-10.0. NOTE: In Veeam ONE Reporter v11 the timeout is 12 hours. Cause The behavior is caused by Microsoft SSRS implementation specifics. Solution This behavior is by Microsoft SSRS design. More Information If you have...

Exported Report From Veeam ONE Contains Nonfunctional Hyperlinks

Challenge The embedded links in exported Veeam ONE reports are inactive. Cause Embedded links are inactive in all report formats exported directly via Veeam ONE. When SSRS is integrated with Veeam ONE, additional report formats are available, some of which contain active embedded links. Solution...