CVE-2020-22985 – Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allow …

Vuln ID: CVE-2020-22985

Published:  2022-05-12  20:15:13Z

Description: Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task.

Source: NVD.NIST.GOV