MicroStrategy Web SDK 11.1 and Earlier: Server-Side Request Forgery (SSRF) Vulnerability

MicroStrategy Web SDK 11.1 and Earlier: Server-Side Request Forgery (SSRF) Vulnerability

CVE-2020-22983 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task.

Learn more about our Web App Pen Testing.