exploitDog

CVE-2020-19586

Опубликовано: 14 сент. 2022

Источник: nvd

CVSS3: 9

EPSS Низкий

Описание

Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.

Ссылки

https://github.com/Deepak983/CVE-2020-19586/blob/main/Stored%20XSS%20in%20MIAdminStyles.i4%20through%20privileges%20escalation.pdf
Exploit
Third Party Advisory
https://github.com/Deepak983/CVE-2020-19586/blob/main/Stored%20XSS%20in%20MIAdminStyles.i4%20through%20privileges%20escalation.pdf
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:yellowfinbi:business_intelligence:7.3:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01446

Низкий

9 Critical

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-vrh3-3gfh-4pqx

CVSS3: 9

github

больше 3 лет назад

Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.

EPSS

Процентиль: 80%

0.01446

Низкий

9 Critical

CVSS3

Дефекты

CWE-79