Microsoft ASP.NET SignalR CVE-2013-5042 Cross Site Scripting Vulnerability

Microsoft ASP.NET SignalR is prone to a cross-site scripting vulnerability because it fails to properly encode user input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could allow the attacker to modify page content, conduct phishing, or perform actions on behalf of the targeted user.


 

Privacy Statement
Copyright 2010, SecurityFocus