| Max CVSS | 4.3 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-18777 | 4.0 |
Directory traversal vulnerability in Microstrategy Web, version 7, in "/WebMstr7/servlet/mstrWeb" (in the parameter subpage) allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slas
|
12-12-2018 - 14:13 | 01-11-2018 - 17:29 | |
| CVE-2018-18775 | 4.3 |
Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter. NOTE: this is a deprecated product.
|
12-12-2018 - 14:08 | 01-11-2018 - 17:29 | |
| CVE-2018-18776 | 4.3 |
Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the admin/admin.asp ShowAll parameter. NOTE: this is a deprecated product.
|
12-12-2018 - 14:05 | 01-11-2018 - 17:29 |