Search
Find a vulnerability
Search criteria
2 vulnerabilities found for yellowfin_business_intelligence by idera
CVE-2020-19587 (GCVE-0-2020-19587)
Vulnerability from nvd – Published: 2022-09-14 02:54 – Updated: 2024-08-04 14:15
VLAI
EPSS
VEX
Summary
Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.linkedin.com/in/deepak-sharma-72a044b4/ | x_refsource_MISC |
| https://github.com/Deepak983/CVE-2020-19587/blob/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:15:27.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.linkedin.com/in/deepak-sharma-72a044b4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Deepak983/CVE-2020-19587/blob/main/_Stored%20XSS%20in%20MIAdminStyles.i4%20through%20privileges%20escalation.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-14T02:54:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.linkedin.com/in/deepak-sharma-72a044b4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Deepak983/CVE-2020-19587/blob/main/_Stored%20XSS%20in%20MIAdminStyles.i4%20through%20privileges%20escalation.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-19587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.linkedin.com/in/deepak-sharma-72a044b4/",
"refsource": "MISC",
"url": "https://www.linkedin.com/in/deepak-sharma-72a044b4/"
},
{
"name": "https://github.com/Deepak983/CVE-2020-19587/blob/main/_Stored%20XSS%20in%20MIAdminStyles.i4%20through%20privileges%20escalation.pdf",
"refsource": "MISC",
"url": "https://github.com/Deepak983/CVE-2020-19587/blob/main/_Stored%20XSS%20in%20MIAdminStyles.i4%20through%20privileges%20escalation.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-19587",
"datePublished": "2022-09-14T02:54:44.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:15:27.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-19587 (GCVE-0-2020-19587)
Vulnerability from cvelistv5 – Published: 2022-09-14 02:54 – Updated: 2024-08-04 14:15
VLAI
EPSS
VEX
Summary
Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.linkedin.com/in/deepak-sharma-72a044b4/ | x_refsource_MISC |
| https://github.com/Deepak983/CVE-2020-19587/blob/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:15:27.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.linkedin.com/in/deepak-sharma-72a044b4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Deepak983/CVE-2020-19587/blob/main/_Stored%20XSS%20in%20MIAdminStyles.i4%20through%20privileges%20escalation.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-14T02:54:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.linkedin.com/in/deepak-sharma-72a044b4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Deepak983/CVE-2020-19587/blob/main/_Stored%20XSS%20in%20MIAdminStyles.i4%20through%20privileges%20escalation.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-19587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.linkedin.com/in/deepak-sharma-72a044b4/",
"refsource": "MISC",
"url": "https://www.linkedin.com/in/deepak-sharma-72a044b4/"
},
{
"name": "https://github.com/Deepak983/CVE-2020-19587/blob/main/_Stored%20XSS%20in%20MIAdminStyles.i4%20through%20privileges%20escalation.pdf",
"refsource": "MISC",
"url": "https://github.com/Deepak983/CVE-2020-19587/blob/main/_Stored%20XSS%20in%20MIAdminStyles.i4%20through%20privileges%20escalation.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-19587",
"datePublished": "2022-09-14T02:54:44.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:15:27.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}