2 matches found
CVE-2010-2088
ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting XSS attacks against the form control via the VIEWSTATE parameter...
CVE-2010-2088
CVE-2010-2088 : The connected sources confirm a cross-site scripting (XSS) vulnerability in Microsoft .NET Framework 3.5’s ASP.NET where an unencrypted __VIEWSTATE is not properly handled. This allows remote attackers to inject script via the ViewState parameter. Affected product/component: Micro...