[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Vulnerability Disclosure
From: Alphan YAVAS <alphan.yv () gmail ! com>
Date: 2019-11-13 10:01:23
Message-ID: CAHW+MaRYOT0yaWfaNOZbdMWx8ZL0mVccCtxvE7v8N2+phsznPg () mail ! gmail ! com
[Download RAW message or body]
I. VULNERABILITY
-------------------------
Reflected XSS due to lack of input filtering in MicroStrategy Library
II. CVE REFERENCE
-------------------------
Not Assigned yet
III. VENDOR
-------------------------
https://www.microstrategy.com/
IV. TIMELINE
-------------------------
05/07/2019 Vulnerability discovered
06/07/2019 Vendor contacted
06/09/2018 MicroStrategy Fix the vulnerability at the release V11.1.3
V. CREDIT
-------------------------
Alphan Yavas from Biznet Bilisim A.S.
VI. DESCRIPTION
-------------------------
Reflected XSS due to lack of input filtering in MicroStrategy Library
(before 11.1.3) which allow a remote attacker to conduct reflected
cross-site scripting attacks.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic