ID 10726
Created Aug 10, 2005
Updated Feb 01, 2019
Severity dark-circle dark-circle dark-circle dark-circle dark-circle
Coverage switch-off-logo IPS (Regular DB)
switch-off-logo IPS (Extended DB)
Default Action pass
Active switch-off-logo
Affected OS Windows
Affected App ASP_app

Legend

Active/Available switch-on-logo
InActive/Not Available switch-off-logo

Update History

Date Version Detail
2019-02-05 14.542

Threat Encyclopedia

MS.ASP.NET.XSS

description-logoDescription

It indicates an attacker attempted a Cross-Site Scripting attack against Microsoft ASP .NET. Microsoft has built in mechanisms in ASP.NET to prevent Cross-Site Scripting attacks. Unfortunately these security checks can be bypassed if a malicious attacker includes a null character in the beginning of a tag name. This could lead to the execution of arbitrary web script against the system.

affected-products-logoAffected Products

Microsoft ASP.Net 1.1

Impact logoImpact

Compromise of the affected system.

recomended-action-logoRecommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.

CVE References

CVE-2003-0768

Telemetry logoTelemetry