Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-1459
HistoryMay 27, 2010 - 7:00 p.m.

CVE-2010-1459

2010-05-2719:00:00
CWE-79
[email protected]
web.nvd.nist.gov
34
asp.net
mono
cve-2010-1459
enableviewstatemac
xss
nvd

5.5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

71.8%

JSON

The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by the __VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP sample project.

Related

nessus 7
openvas 19
github 1
fedora 9
prion 1
debiancve 1
ubuntucve 1
osv 1
nessus
nessus
SuSE 11 / 11.1 Security Update : mono-core / Mono (SAT Patch Numbers 2326 / 2474)
2010-12-02 00:00:00
Fedora 12 : mono-2.4.3.1-2.fc12 (2010-10433)
2010-07-14 00:00:00
openSUSE Security Update : bytefx-data-mysql (openSUSE-SU-2010:0342-1)
2010-07-01 00:00:00
openvas
openvas
Fedora Update for libgdiplus FEDORA-2010-10332
2010-07-16 00:00:00
Fedora Update for mono FEDORA-2010-10433
2010-07-16 00:00:00
Fedora Update for gtksourceview-sharp FEDORA-2010-10332
2010-07-16 00:00:00
github
github
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability
2022-05-02 06:22:59
fedora
fedora
[SECURITY] Fedora 13 Update: mono-tools-2.6.2-1.fc13
2010-07-13 07:47:49
[SECURITY] Fedora 13 Update: xsp-2.6.4-1.fc13
2010-07-13 07:47:49
[SECURITY] Fedora 13 Update: mono-basic-2.6.2-1.fc13
2010-07-13 07:47:49
prion
prion
Cross site scripting
2010-05-27 19:00:00
debiancve
debiancve
CVE-2010-1459
2010-05-27 19:00:00
ubuntucve
ubuntucve
CVE-2010-1459
2010-05-27 00:00:00
osv
osv
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability
2022-05-02 06:22:59

5.5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

71.8%

JSON
Related for CVE-2010-1459
nessus7openvas19github1fedora9prion1debiancve1ubuntucve1osv1