Advertisement






MicroStrategy Library Cross Site Scripting

CVE Category Price Severity
CVE-2020-8789 CWE-79 $5,000 High
Author Risk Exploitation Type Date
Unknown High Remote 2019-11-14
CPE
cpe:cpe:/a:microstrategy:library
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019110088

Below is a copy:

MicroStrategy Library Cross Site Scripting
I. VULNERABILITY
-------------------------
Reflected XSS due to lack of input filtering in MicroStrategy Library

II. CVE REFERENCE
-------------------------
Not Assigned yet

III. VENDOR
-------------------------
https://www.microstrategy.com/

IV. TIMELINE
-------------------------
05/07/2019 Vulnerability discovered
06/07/2019 Vendor contacted
06/09/2018 MicroStrategy Fix the vulnerability at the release V11.1.3

V. CREDIT
-------------------------
Alphan Yavas from Biznet Bilisim A.S.

VI. DESCRIPTION
-------------------------
Reflected XSS due to lack of input filtering in MicroStrategy Library
(before 11.1.3) which allow a remote attacker to conduct reflected
cross-site scripting attacks.

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum