← back
CVE-2010-2084

CVE-2010-2084

EPSS 12.5%
Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property on a control that inherits from HtmlContainerControl, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to an attribute.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/03/30/configuration-is-half-the-battle-asp-net-and-cross-site-scripting.aspx