CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-2084

Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property on a control that inherits from HtmlContainerControl, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to an attribute.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.064

EPSS Ranking 90.7%

CVSS Severity

CVSS v2 Score 4.3

References

http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/03/30/configuration-is-half-the-battle-asp-net-and-cross-site-scripting.aspx
http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/03/30/configuration-is-half-the-battle-asp-net-and-cross-site-scripting.aspx

Products affected by CVE-2010-2084

Microsoft » Asp.net » Version: 2.0

cpe:2.3:a:microsoft:asp.net:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-2084

Products

Pricing

Contact Us