Vulnerability discovered
06/07/2019 Vendor contacted
06/09/2018 MicroStrategy Fix the vulnerability at the release V11.1.3
V. CREDIT
-
Alphan Yavas from Biznet Bilisim A.S.
VI. DESCRIPTION
-
Reflected XSS due to lack of input filtering in MicroStrategy
/2019 Vulnerability discovered
03/12/2019 Vendor contacted
04/12/2019 Microsoft replay that “We determined that this behavior is
considered to be by design.”
V. CREDIT
-
Alphan Yavas from Biznet Bilisim A.S.
VI. DESCRIPTION
-
Microsoft Skype for Business
Vendor contacted
17/12/2019 Microsoft replay that “We determined that this behavior is
considered to be by design.”
VI. CREDIT
-
Alphan Yavas from Biznet Bilisim A.S.
VII. Components
-
Affected Component:
Path(inurl): /Autodiscover
Parameter
21/12/2020 Vendor contacted
09/03/2021 CVE Assigned
V. CREDIT
-
Alphan Yavas
VI. DESCRIPTION
-
"X-Forwarded-For" is a HTTP header used to carry the client's original
IP address. However, because these headers may very well be added by