CVE-2019-1332

Summary

A cross-site scripting (XSS) vulnerability exists when Microsoft SQL Server Reporting Services (SSRS) does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftSQL Server 2017 Reporting Servicesunspecifiedaffected
MicrosoftPower BI Report Serverunspecifiedaffected
MicrosoftSQL Server 2019 Reporting Servicesunspecifiedaffected

Weaknesses

  • Spoofing

ADP Enrichment

CVE Program Container

Additional References

References