8 matches found
Microsoft AntiXSS Library Bypass Information Disclosure (MS12-007) - Ver2 (CVE-2012-0007)
An information disclosure vulnerability has been reported in the Microsoft Anti-Cross Site Scripting AntiXSS Library. The vulnerability is due to the way the AntiXSS Library incorrectly evaluates certain characters after a CSS escaped character is detected. A remote attacker may exploit this issu...
Microsoft AntiXSS library crossite scripting
Crossite scripting during HTML parsing...
Microsoft AntiXSS Library Information Disclosure Vulnerability (2607664)
This host is missing an important security update according to Microsoft Bulletin MS12-007. OpenVAS Vulnerability Test $Id: secpodms12-007.nasl 5366 2017-02-20 13:55:38Z cfi $ Microsoft AntiXSS Library Information Disclosure Vulnerability 2607664 Authors: Madhuri D Copyright: Copyright c 2012...
CVE-2012-0007
The Microsoft Anti-Cross Site Scripting AntiXSS Library 3.x and 4.0 does not properly evaluate characters after the detection of a Cascading Style Sheets CSS escaped character, which allows remote attackers to conduct cross-site scripting XSS attacks via HTML input, aka "AntiXSS Library Bypass...
CVE-2012-0007
CVE-2012-0007 refers to a vulnerability in Microsoft AntiXSS Library (versions 3.x and 4.0) where characters after a CSS-escaped sequence are not evaluated correctly, allowing remote XSS via HTML input. Root cause: improper handling in the AntiXSS sanitization process after CSS escapes. Affected ...
Microsoft AntiXSS Library Sanitization Module Security Bypass Vulnerability
Description Microsoft Anti-Cross Site Scripting AntiXSS Library is prone to a security-bypass vulnerability that affects the sanitization module. An attacker can exploit this vulnerability to bypass the filter and conduct cross-site scripting attacks. Successful exploits may allow attackers to...
Microsoft AntiXSS 34.0 Library Sanitization Module - Security Bypass
Microsoft AntiXSS 34.0 Library Sanitization Module - Security Bypass source: https://www.securityfocus.com/bid/51291/info Microsoft Anti-Cross Site Scripting AntiXSS Library is prone to a security-bypass vulnerability that affects the sanitization module. An attacker can exploit this vulnerabilit...
Microsoft AntiXSS 3/4.0 Library Sanitization Module - Security Bypass
source: https://www.securityfocus.com/bid/51291/info Microsoft Anti-Cross Site Scripting AntiXSS Library is prone to a security-bypass vulnerability that affects the sanitization module. An attacker can exploit this vulnerability to bypass the filter and conduct cross-site scripting attacks...