CVE-2020-11451
02.04.2020, 15:15
The Upload Visualization plugin in the Microstrategy Web 10.4 admin panel allows an administrator to upload a ZIP archive containing files with arbitrary extensions and data. (This is also exploitable via SSRF). Note: The ability to upload visualization plugins requires administrator privileges.Enginsight
| Vendor | Product | Version |
|---|---|---|
| microstrategy | microstrategy_web | 𝑥 ≤ 10.4 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References