Summary
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 2013-12-10 |
Product | Asp.Net Signalr | Last view | 2013-12-10 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
4.3 | 2013-12-10 | CVE-2013-5042 | Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS Vulnerability." |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:20798 | SignalR XSS Vulnerability (CVE-2013-5042) - MS13-103 |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2013-A-0224 | Microsoft ASP.NET SignalR Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0042590 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2013-12-11 | Name: The remote host has an application that is affected by a cross-site scripting... File: smb_nt_ms13-103.nasl - Type: ACT_GATHER_INFO |