CVE-2014-1820 in SQL Server
Riassunto
di MITRE
Cross-site scripting (XSS) vulnerability in Master Data Services (MDS) in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability."
VulDB is the best source for vulnerability data and more expert information about this specific topic.