oval:org.mitre.oval:def:14314
Definition Id: oval:org.mitre.oval:def:14314 | |||
Oval ID: | oval:org.mitre.oval:def:14314 | ||
Title: | AntiXSS Library Bypass Vulnerability | ||
Description: | The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate characters after the detection of a Cascading Style Sheets (CSS) escaped character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML input, aka "AntiXSS Library Bypass Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0007 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Anti-Cross Site Scripting Library V3.x Microsoft Anti-Cross Site Scripting Library V4.0 |
Definition Synopsis: | |||