Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microstrategy microstrategy web vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-22985
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and previous versions, allows remote unauthenticated malicious users to execute arbitrary code via the key parameter to the getESRIExtraConfig task.
Microstrategy Microstrategy Web Sdk
4.3
CVSSv2
CVE-2020-22986
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and previous versions, allows remote unauthenticated malicious users to execute arbitrary code via the searchString parameter to the wikiScrapper task.
Microstrategy Microstrategy Web Sdk
4.3
CVSSv2
CVE-2020-22987
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and previous versions, allows remote unauthenticated malicious users to execute arbitrary code via the fileToUpload parameter to the uploadFile task.
Microstrategy Microstrategy Web Sdk
5
CVSSv2
CVE-2020-11453
Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality exposed through the path /MicroStrategyWS/. The functionality requires no authentication and, while it is not possible to pass parameters in the SSRF request, it is still pos...
Microstrategy Microstrategy Web 10.4
3.5
CVSSv2
CVE-2020-11454
Microstrategy Web 10.4 is vulnerable to Stored XSS in the HTML Container and Insert Text features in the window, allowing for the creation of a new dashboard. In order to exploit this vulnerability, a user needs to get access to a shared dashboard or have the ability to create a ...
Microstrategy Microstrategy Web 10.4
5
CVSSv2
CVE-2018-6885
An issue exists in MicroStrategy Web Services (the Microsoft Office plugin) prior to 10.4 Hotfix 7, and prior to 10.11. The vulnerability is unauthenticated and leads to access to the asset files with the MicroStrategy user privileges. (This includes the credentials to access the...
Microstrategy Web Services 10.4
Microstrategy Web Services
6.8
CVSSv2
CVE-2018-18696
main.aspx in Microstrategy Analytics 10.4.0026.0049 and previous versions has CSRF. NOTE: The vendor claims that documentation for preventing a CSRF attack has been provided (https://community.microstrategy.com/s/article/KB37643-New-security-feature-introduced-in-MicroStrategy-We...
Microstrategy Microstrategy
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2