MicroStrategy Library suffers from a cross site scripting vulnerability. Version 11.1.3 has the patch.
ae60182b30ea2f69f4fd44d8dceb3454I. VULNERABILITY
-------------------------
Reflected XSS due to lack of input filtering in MicroStrategy Library
II. CVE REFERENCE
-------------------------
Not Assigned yet
III. VENDOR
-------------------------
https://www.microstrategy.com/
IV. TIMELINE
-------------------------
05/07/2019 Vulnerability discovered
06/07/2019 Vendor contacted
06/09/2018 MicroStrategy Fix the vulnerability at the release V11.1.3
V. CREDIT
-------------------------
Alphan Yavas from Biznet Bilisim A.S.
VI. DESCRIPTION
-------------------------
Reflected XSS due to lack of input filtering in MicroStrategy Library
(before 11.1.3) which allow a remote attacker to conduct reflected
cross-site scripting attacks.