CVE-2020-11454

Microstrategy Web 10.4 is vulnerable to Stored XSS in the HTML Container and Insert Text features in the window, allowing for the creation of a new dashboard. In order to exploit this vulnerability, a user needs to get access to a shared dashboard or have the ability to create a dashboard on the application.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:microstrategy:microstrategy_web:10.4:*:*:*:*:*:*:*

Information

Published : 2020-04-02 08:15

Updated : 2020-04-03 12:15


NVD link : CVE-2020-11454

Mitre link : CVE-2020-11454


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

microstrategy

  • microstrategy_web