You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description: Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS Vulnerability." Discovery Date: 2018-10-12 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
CVE-2013-5042
Description: Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS Vulnerability."
Discovery Date: 2018-10-12
CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS Score: 4.3
Exploitability score: 8.6Impact score: 2.9
Vendors
References
The text was updated successfully, but these errors were encountered: