KLA11620
SUI Vulnerability in Microsoft SQL Server

Updated: 06/03/2020
Detect date
?
12/10/2019
Severity
?
High
Description

A cross-site-scripting (XSS) vulnerability was found in Microsoft SQL Server Reporting Services. Malicious users can exploit this vulnerability to spoof user interface.

Affected products

SQL Server 2017 Reporting Services
Power BI Report Server
SQL Server 2019 Reporting Services

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2019-1332

Impacts
?
SUI 
[?]
Related products
Microsoft SQL Server
CVE-IDS
?
CVE-2019-13324.3Warning
Microsoft official advisories
Microsoft Security Update Guide
KB list

4532097
4535706

Find out the statistics of the vulnerabilities spreading in your region