Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft ASP.NET SignalR跨站脚本漏洞
Vulnerability Description
Microsoft ASP.NET SignalR是美国微软(Microsoft)公司的一个供ASP.NET开发人员使用的库,用于向Web应用程序添加实时消息、推送通知和用户交互。 Microsoft ASP.NET SignalR中存在一个特权提升漏洞,可能允许攻击者在目标用户的上下文中访问资源。受影响的软件:ASP.NET SignalR 1.1.4之前的1.1.x 版本,2.0.1之前的2.0.x版本,Visual Studio Team Foundation Server 2013。
CVSS Information
N/A
Vulnerability Type
N/A