Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microstrategy web vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-22984
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and previous versions, allows remote unauthenticated malicious users to execute arbitrary code via key parameter to the getGoogleExtraConfig task.
Microstrategy Microstrategy Web Sdk
6.1
CVSSv3
CVE-2020-22985
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and previous versions, allows remote unauthenticated malicious users to execute arbitrary code via the key parameter to the getESRIExtraConfig task.
Microstrategy Microstrategy Web Sdk
6.1
CVSSv3
CVE-2020-22986
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and previous versions, allows remote unauthenticated malicious users to execute arbitrary code via the searchString parameter to the wikiScrapper task.
Microstrategy Microstrategy Web Sdk
6.1
CVSSv3
CVE-2020-22987
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and previous versions, allows remote unauthenticated malicious users to execute arbitrary code via the fileToUpload parameter to the uploadFile task.
Microstrategy Microstrategy Web Sdk
5.3
CVSSv3
CVE-2020-11453
Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality exposed through the path /MicroStrategyWS/. The functionality requires no authentication and, while it is not possible to pass parameters in the SSRF request, it is still pos...
Microstrategy Microstrategy Web 10.4
5.4
CVSSv3
CVE-2020-11454
Microstrategy Web 10.4 is vulnerable to Stored XSS in the HTML Container and Insert Text features in the window, allowing for the creation of a new dashboard. In order to exploit this vulnerability, a user needs to get access to a shared dashboard or have the ability to create a ...
Microstrategy Microstrategy Web 10.4
8.8
CVSSv3
CVE-2018-18696
main.aspx in Microstrategy Analytics 10.4.0026.0049 and previous versions has CSRF. NOTE: The vendor claims that documentation for preventing a CSRF attack has been provided (https://community.microstrategy.com/s/article/KB37643-New-security-feature-introduced-in-MicroStrategy-We...
Microstrategy Microstrategy
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2