SQL Server 2017 Reporting Services

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-10	CVE-2019-1332	Cross-site Scripting vulnerability in Microsoft products A cross-site scripting (XSS) vulnerability exists when Microsoft SQL Server Reporting Services (SSRS) does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'. network low complexity microsoft CWE-79	6.1