CVE-2019-1010147
N/A
N/A
Summary
Yellowfin Smart Reporting All Versions Prior to 7.3 is affected by: Incorrect Access Control - Privileges Escalation. The impact is: Victim attacked and access admin functionality through their browser and control browser. The component is: MIAdminStyles.i4. The attack vector is: Victims are typically lured to a web site under the attacker's control; the XSS vulnerability on the target domain is silently exploited without the victim's knowledge. The fixed version is: 7.4 and later.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Yellowfin | Smart Reporting | < 7.3 [fixed: 7.4 and later] | affected |
Weaknesses
- Incorrect Access Control - Privileges Escalation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.