Microsoft ASP.NET MVC Cross-Site-Scripting (MS14-059; CVE-2014-4075)
A cross-site scripting vulnerability has been reported in ASP.NET MVC. The vulnerability is due the way ASP.NET MVC improperly handles encoded input. A remote attacker can exploit this vulnerability by enticing an affected user to open a malicious web-page...