2 matches found
CVE-2008-3843
Request Validation aka the ValidateRequest filters in ASP.NET in Microsoft .NET Framework with the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated by a query string containing a "/" less-th...
CVE-2008-3843
CVE-2008-3843 describes a bypass of ASP.NET Request Validation (ValidateRequest filters) in the Microsoft .NET Framework when MS07-040 is installed. The vulnerability arises from the framework failing to properly detect dangerous input, enabling cross-site scripting (XSS) via crafted client data,...