Medium severity6.1NVD Advisory· Published May 12, 2022· Updated Jun 17, 2026
CVE-2020-22985
CVE-2020-22985
Description
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task.
Affected products
2- MicroStrategy/Web SDKdescription
- Range: <=10.11
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.