cpe:/a:microstrategy:microstrategy_web:7 CVE-2018-18776 2018-11-01T13:29:00.860-04:00 2018-12-12T09:05:39.543-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2018-12-10T09:42:42.570-05:00 EXPLOIT-DB 45755 MISC http://packetstormsecurity.com/files/150059/Microstrategy-Web-7-Cross-Site-Scripting-Traversal.html Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the admin/admin.asp ShowAll parameter. NOTE: this is a deprecated product.