Описание
Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property on a control that inherits from HtmlContainerControl, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to an attribute.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:microsoft:asp.net:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06397
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property on a control that inherits from HtmlContainerControl, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to an attribute.
EPSS
Процентиль: 91%
0.06397
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79