Security Advisory

CVE-2020-22985

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-12 19:58:23
Last updated 2026-07-09 00:10:42
Assigner mitre
State PUBLISHED

Description

Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task.