Limited Black Friday Offer:
Microstrategy Web version 7 Path traversal vulnerability CVE-2018-18777 Scanner
Microstrategy Web version 7 allows path traversal vulnerability.
Short Info
Level
Medium
Type
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Url
Parent Category
Microstrategy Web version 7 Path traversal vulnerability CVE-2018-18777 Scanner Detail
Directory traversal vulnerability in Microstrategy Web, version 7, in "/WebMstr7/servlet/mstrWeb" (in the parameter subpage) allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.