2 matches found
CVE-2020-9350
CVE-2020-9350 affects SAS Visual Analytics 8.5, where the Graph Builder’s graph template can be directly accessed and exploited to trigger cross-site scripting (XSS) in the user's browser. The vulnerability is associated with the graph generator/templating mechanism, enabling attacker-supplied co...
CVE-2014-5454
CVE-2014-5454: Unrestricted file upload vulnerability in the image upload module of SAS Visual Analytics 6.4M1 that allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and then accessing it via unspecified vectors. The provided documents co...