Dec 2019:
CVE-2019-1332 Published on December 10, 2019

A cross-site scripting (XSS) vulnerability exists when Microsoft SQL Server Reporting Services (SSRS) does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'.

NVD

Products Associated with CVE-2019-1332

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Power Bi Report Server

Microsoft Sql Server 2017 Reporting Services

Microsoft Sql Server 2019 Reporting Services

Microsoft SQL Server

Microsoft Sql Server 2019

Affected Versions

Microsoft SQL Server 2017 Reporting Services:

Version unspecified is affected.

Microsoft Power BI Report Server:

Version unspecified is affected.

Microsoft SQL Server 2019 Reporting Services:

Version unspecified is affected.

Exploit Probability

EPSS

1.93%

Percentile

83.22%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Dec 2019: CVE-2019-1332 Published on December 10, 2019

Products Associated with CVE-2019-1332

Affected Versions

Exploit Probability

Dec 2019:
CVE-2019-1332 Published on December 10, 2019