CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2021-26859 – Microsoft Power BI Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-26859
Microsoft Power BI Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información de Microsoft Power BI • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26859 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-1173
https://notcve.org/view.php?id=CVE-2020-1173
A spoofing vulnerability exists in Microsoft Power BI Report Server in the way it validates the content-type of uploaded attachments, aka 'Microsoft Power BI Report Server Spoofing Vulnerability'. Se presenta una vulnerabilidad de suplantación de identidad en Microsoft Power BI Report Server en la manera en que comprueba el content-type de archivos adjuntos cargados, también se conoce como "Microsoft Power BI Report Server Spoofing Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1173 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 2CVE-2019-1332
https://notcve.org/view.php?id=CVE-2019-1332
A cross-site scripting (XSS) vulnerability exists when Microsoft SQL Server Reporting Services (SSRS) does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'. Hay una vulnerabilidad de tipo cross-site scripting (XSS) cuando Microsoft SQL Server Reporting Services (SSRS) no sanea apropiadamente una petición web especialmente diseñada para un servidor SSRS afectado, también se conoce como "Microsoft SQL Server Reporting Services XSS Vulnerability". • https://github.com/mbadanoiu/CVE-2019-1332 https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-1332-Cross-Site%20Scripting-Microsoft%20SQL%20Server%20Reporting%20Services https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1332 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •