Stored XSS Vulnerability in MicroStrategy Web (before 10.1 patch 10) due to Missing Input Validation in FLTB Parameter

CVE-2019-12453 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in the FLTB parameter due to missing input validation.

Learn more about our Web App Pen Testing.