CVE-2008-3422

EPSS 1.6%

Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted attributes related to (1) HtmlControl.cs (PreProcessRelativeReference), (2) HtmlForm.cs (RenderAttributes), (3) HtmlInputButton (RenderAttributes), (4) HtmlInputRadioButton (RenderAttributes), and (5) HtmlSelect (RenderChildren).

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html http://lists.ximian.com/pipermail/mono-devel-list/2008-July/028633.html https://bugzilla.novell.com/show_bug.cgi?id=413534 http://secunia.com/advisories/31338 http://secunia.com/advisories/31982 http://secunia.com/advisories/36494 https://exchange.xforce.ibmcloud.com/vulnerabilities/44229 https://usn.ubuntu.com/826-1/http://www.securityfocus.com/bid/30471