JVN#71256611: ASP.NET vulnerable to open redirect

2013-11-15T00:00:00
ID JVN:71256611
Type jvn
Reporter Japan Vulnerability Notes
Modified 2013-11-15T00:00:00

Description

## Description

ASP.NET provided by Microsoft contains an open redirect vulnerability due to an issue in the login component. Therefore a web application that implements ASP.NET may be vulnerable.

## Impact

The user who accesses the web application that implements ASP.NET may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack.

## Solution

Update the software
This vulnerability was resolved in MS11-100.
Apply the update according to the information provided by Microsoft.

## Products Affected

  • ASP.NET