Deepak983 - Security Researcher - Exploit Intelligence Platform

CVE-2020-19586 NOMISEC CRITICAL NO CODE

Yellowfin Business Intelligence 7.3 - Stored Cross-Site Scripting via MIAdminStyles.i4 Admin UI

Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.

CVSS 9.0

View Code

CVE-2020-19587 NOMISEC MEDIUM NO CODE

Yellowfin Business Intelligence 7.3 - Stored Cross-Site Scripting via MIAdminStyles.i4 Admin UI

Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI.

CVSS 5.4

View Code

CVE-2020-19586 WRITEUP CRITICAL WRITEUP

Yellowfin Business Intelligence 7.3 - Stored Cross-Site Scripting via MIAdminStyles.i4 Admin UI

Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.

CVSS 9.0

View Code

CVE-2020-19587 WRITEUP MEDIUM WRITEUP

Yellowfin Business Intelligence 7.3 - Stored Cross-Site Scripting via MIAdminStyles.i4 Admin UI

Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI.

CVSS 5.4

View Code