Lucene search
K
MicrostrategyMicrostrategy Web Sdk

4 matches found

CVE
CVE
added 2022/05/12 7:57 p.m.87 views

CVE-2020-22984

The CVE-2020-22984 entry concerns a Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier. The root cause is lack of filtering/escaping of the getGoogleExtraConfig parameter, allowing remote unauthenticated attackers to execute arbitrary code via the key parameter. A...

6.1CVSS6.1AI score0.01511EPSS
CVE
CVE
added 2022/05/12 7:58 p.m.62 views

CVE-2020-22986

CVE-2020-22986 describes a cross-site scripting (XSS) vulnerability in MicroStrategy Web SDK, affecting version 10.11 and earlier. The issue arises from missing filtering and escaping of the searchString parameter in the wikiScrapper task, enabling remote unauthenticated attackers to execute arbi...

6.1CVSS6.1AI score0.01527EPSS
CVE
CVE
added 2022/05/12 7:58 p.m.59 views

CVE-2020-22987

CVE-2020-22987 : A cross-site scripting (XSS) vulnerability exists in MicroStrategy Web SDK 10.11 and earlier. The issue stems from lack of filtering/escaping of the fileToUpload parameter used by the uploadFile task, enabling remote unauthenticated attackers to execute arbitrary code via that pa...

6.1CVSS6.1AI score0.01385EPSS
CVE
CVE
added 2022/05/12 7:58 p.m.52 views

CVE-2020-22985

CVE-2020-22985 : Concrete details from multiple sources show a Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier. The flaw enables remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task. Affected component ...

6.1CVSS6.1AI score0.01511EPSS