2 matches found
CVE-2008-3842
Request Validation aka the ValidateRequest filters in ASP.NET in Microsoft .NET Framework without the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated by a query string containing a "/"...
CVE-2008-3842
ASP.NET ValidateRequest filters in the Microsoft .NET Framework are vulnerable to bypass and enable cross-site scripting (XSS) when the MS07-040 update is not applied. The issue affects the request validation mechanism (ValidateRequest) used to filter user input, exemplified by a dangerous query ...