CVE-2020-19586

Description

Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.

Related CPE's

a yellowfinbi business_intelligence 7.3 *******

References

https://github.com/Deepak983/CVE-2020-19586/blob/main/Stored%20XSS%20in%20MIAdminStyles.i4%20through%20privileges%20escalation.pdf

ExploitThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io