Msrc Power Bi Report Server vulnerabilities

CVE-2026-21229 [HIGH] CWE-20 Power BI Remote Code Execution Vulnerability Power BI Remote Code Execution Vulnerability Description: Improper input validation in Power BI allows an authorized attacker to execute code over a network. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain the privileges of the authenticated user. Power BI: Power BI Microsoft: Microsoft Customer Actio

CVE-2020-1173 [MEDIUM] Microsoft Power BI Report Server Spoofing Vulnerability Microsoft Power BI Report Server Spoofing Vulnerability Description: A spoofing vulnerability exists in Microsoft Power BI Report Server in the way it validates the content-type of uploaded attachments. An authenticated attacker could exploit the vulnerability by uploading a specially crafted payload and sending it to the user. The attacker who successfully exploited this vulnerability could then perform actions and

CVE-2019-1332 [MEDIUM] Microsoft SQL Server Reporting Services XSS Vulnerability Microsoft SQL Server Reporting Services XSS Vulnerability Description: A cross-site scripting (XSS) vulnerability exists when Microsoft SQL Server Reporting Services (SSRS) does not properly sanitize a specially-crafted web request to an affected SSRS server. An attacker who successfully exploited the vulnerability could run scripts in the context of the targeted user. The attacks could allow the attacker to read c