4 matches found
Telerik Web UI Information Disclosure (CVE-2017-9248)
A security bypass vulnerability exists in Telerik Web UI. Successful exploitation of this vulnerability can lead to cross-site scripting, arbitrary file uploads and downloads, leak of MachineKey and compromise of the ASP.NET ViewState on the affected system...
Multiple Vulnerabilities in ASP.NET AJAX and Sitefinity Progress Telerik UI
ASP.NET AJAX is a control for ASP.NET; Sitefinity is an open source platform for building enterprise websites and intranets. Progress Telerik UI is a UI user interface for ASP.NET controls that handles AJAX, developed by American Telerik. A security vulnerability in Telerik.Web.UI.dll for Progres...
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leadi...
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leadi...