Búsqueda de    
Vulnerabilidad   
    Buscar 191973 Descripciones CVE y
86218 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.801342
Categoría:Windows
Título:Microsoft ASP.NET Cross-Site Scripting vulnerability
Resumen:The host is running Microsoft ASP .NET and is prone to; Cross-Site Scripting Vulnerability.
Descripción:Summary:
The host is running Microsoft ASP .NET and is prone to
Cross-Site Scripting Vulnerability.

Vulnerability Insight:
The flaw is due to error in the handling of
'HtmlContainerControl', which does not prevent setting the 'InnerHtml' property
on a control that inherits from HtmlContainerControl when processing the vectors
related to an attribute.

Vulnerability Impact:
Successful exploitation could allow attackers to conduct
cross-site scripting attacks against the form control via vectors related to an
attribute.

Affected Software/OS:
Microsoft ASP.NET version 2.0 and prior.

Solution:
No known solution was made available for at least one year since the disclosure
of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-2084
http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/03/30/configuration-is-half-the-battle-asp-net-and-cross-site-scripting.aspx
CopyrightCopyright (C) 2010 Greenbone Networks GmbH

Esta es sólo una de 86218 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2020 E-Soft Inc. Todos los derechos reservados.