Lucene search
K

125 matches found

Cvelist
Cvelist
added 2013/12/11 12:0 a.m.20 views

CVE-2013-5042

Cross-site scripting XSS vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS...

5.1AI score0.11688EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/12/11 12:0 a.m.113 views

MS13-103: Vulnerability in ASP.NET SignalR Could Allow Elevation of Privilege (2905244)

The remote host is running a version of ASP.NET SignalR that is affected by a cross-site scripting vulnerability that results in privilege escalation. An attacker who successfully exploited this vulnerability could take any action that the targeted user could take on the site. %NASLMINLEVEL 70300...

4.3CVSS5.2AI score0.11688EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/12/11 12:0 a.m.22 views

Microsoft VS Team Foundation Server SignalR XSS Vulnerability (2905244)

This host is missing an important security update according to Microsoft Bulletin MS13-103. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

4.3CVSS5AI score0.11688EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2013/12/10 12:0 a.m.31 views

MS13-103: Vulnerability in ASP.NET SignalR could allow elevation of privilege: December 10, 2013

Resolves a vulnerability in ASP.NET SignalR that could allow elevation of privilege if an attacker reflects specially crafted JavaScript back to the browser of a targeted user.INTRODUCTIONMicrosoft has released security bulletin MS13-103. To view the complete security bulletin, visit one of the...

4.3CVSS0.1AI score0.11688EPSS
Exploits0
Symantec
Symantec
added 2013/12/10 12:0 a.m.77 views

Microsoft ASP.NET SignalR CVE-2013-5042 Cross Site Scripting Vulnerability

Description Microsoft ASP.NET SignalR is prone to a cross-site scripting vulnerability because it fails to properly encode user input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could allow...

4.3CVSS6.3AI score0.11688EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder