Computer Security
[EN] no-pyccku

Microsoft SignalR library crossite scripting
SecurityVulns ID:13457
Threat Level:
Description:Forever Frame transport crossite scripting.
Affected:MICROSOFT : ASP.NET SignalR 2.0
CVE:CVE-2013-5042 (Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS Vulnerability.")
Files:Microsoft Security Bulletin MS13-103 - Important Vulnerability in ASP.NET SignalR Could Allow Elevation of Privilege (2905244)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod