Medium severity6.1NVD Advisory· Published May 12, 2022· Updated Jun 17, 2026
CVE-2020-22986
CVE-2020-22986
Description
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task.
Affected products
2- MicroStrategy/Web SDKdescription
- Range: <=10.11
Patches
Vulnerability mechanics
References
5- www.microstrategy.com/us/report-a-security-vulnerabilitynvdVendor Advisory
- microstrategy.comnvdProduct
- www.yourcompany.com:8080/MicroStrategy/servlet/taskProcnvdBroken Link
- tinyurl.comnvdNot Applicable
- medium.com/%40win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969dnvd
News mentions
0No linked articles in our index yet.