VYPR
Medium severity6.1NVD Advisory· Published May 12, 2022· Updated Jun 17, 2026

CVE-2020-22985

CVE-2020-22985

Description

Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.