← voltar
CVE-2019-1332

CVE-2019-1332

EPSS 7.2%
A cross-site scripting (XSS) vulnerability exists when Microsoft SQL Server Reporting Services (SSRS) does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'.
Produtos afetados
Microsoft · Power BI Report ServerMicrosoft · SQL Server 2017 Reporting ServicesMicrosoft · SQL Server 2019 Reporting Services

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-1332-Cross-Site%20Scripting-Microsoft%20SQL%20Server%20Reporting%20Serviceshttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1332