Vulnerabilities > Microstrategy > Microstrategy > 10.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-24 | CVE-2020-24815 | Server-Side Request Forgery (SSRF) vulnerability in Microstrategy 10.4/2019/2020 A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a dossier/dashboard document. | 4.0 |
| 2018-12-28 | CVE-2018-18696 | Cross-Site Request Forgery (CSRF) vulnerability in Microstrategy 10.4/10.4.0026.0049/9.2.1 main.aspx in Microstrategy Analytics 10.4.0026.0049 and earlier has CSRF. | 8.8 |