6 matches found
CVE-2023-48003
An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the 'meta http-equiv="refresh"' in the WebSocket messages...
CVE-2023-48003
An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the '...
Open redirect
An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the 'meta http-equiv="refresh"' in the WebSocket messages...
CVE-2023-48003
CVE-2023-48003 affects Asp.Net Zero versions prior to 12.3.0. Affected component is the handling of user messages transmitted over WebSocket, where HTML injection via the tag enables an open redirect to an attacker-controlled URL. Impact described as remote victims being redirected; no exploitat...
CVE-2023-48003
An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the 'meta http-equiv="refresh"' in the WebSocket messages...
Asp.Net Zero Security Vulnerability
Asp.Net Zero is an open source web development framework. A security vulnerability exists in Asp.Net Zero versions prior to 12.3.0, which stems from messages being transmitted over websocket, and can be exploited by an attacker to inject HTML into a user's message, redirecting the intended victim...