Vulnerabilities

CVE-2020-11451

by Fred · 02/04/2020

The Upload Visualization plugin in the Microstrategy Web 10.4 admin panel allows an administrator to upload a ZIP archive containing files with arbitrary extensions and data. (This is also exploitable via SSRF). Note: The ability to upload visualization plugins requires administrator privileges.

Date published : 2020-04-02

http://seclists.org/fulldisclosure/2020/Apr/1

http://packetstormsecurity.com/files/157068/MicroStrategy-Intelligence-Server-And-Web-10.4-XSS-Disclosure-SSRF-Code-Execution.html

Similar

Tags: Cybersecurity Alert