CVE-2012-0007 in Anti-cross Site Scripting Library信息

摘要

由 MITRE

The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate characters after the detection of a Cascading Style Sheets (CSS) escaped character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML input, aka "AntiXSS Library Bypass Vulnerability."

Once again VulDB remains the best source for vulnerability data.

来源

Do you know our Splunk app?

Download it now for free!