CSRF Vulnerability in MicroStrategy Web application

Posted by wissam . bashour on Dec 02#####################################
Title: Cross-Site Request Forgery (CSRF) Vulnerability in MicroStrategy Web application allows modifying user’s
preferences.
Author: Wissam Bashour
Vendor: MicroStrategy
Product: MicroStrategy Web
Version: All versions below 10.4.0026.0049
Tested Version: Version 10.4.0026.0049
Severity: HIGH
CVE Reference: CVE-2018-18696

# About the Product:
MicroStrategy provides software solutions and expert…

Link: http://seclists.org/bugtraq/2018/Dec/3