Below is a copy: MicroStrategy Library Cross Site Scripting
I. VULNERABILITY
-------------------------
Reflected XSS due to lack of input filtering in MicroStrategy Library
II. CVE REFERENCE
-------------------------
Not Assigned yet
III. VENDOR
-------------------------
https://www.microstrategy.com/
IV. TIMELINE
-------------------------
05/07/2019 Vulnerability discovered
06/07/2019 Vendor contacted
06/09/2018 MicroStrategy Fix the vulnerability at the release V11.1.3
V. CREDIT
-------------------------
Alphan Yavas from Biznet Bilisim A.S.
VI. DESCRIPTION
-------------------------
Reflected XSS due to lack of input filtering in MicroStrategy Library
(before 11.1.3) which allow a remote attacker to conduct reflected
cross-site scripting attacks.
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum