CVE-2008-3843

NONECVSS 0.0

0.0

Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework with the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a "<~/" (less-than tilde slash) sequence followed by a crafted STYLE element.

🔗 References (12)

cve@mitrehttp://securityreason.com/securityalert/4193
cve@mitrehttp://www.procheckup.com/PDFs/bypassing-dot-NET-ValidateRequest.pdf
cve@mitrehttp://www.procheckup.com/Vulnerability_PR08-20.php
cve@mitrehttp://www.securityfocus.com/archive/1/495667/100/0/threaded
cve@mitrehttp://www.securityfocus.com/archive/1/496071/100/0/threaded
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/44743
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/4193
af854a3a-2127-422b-91ae-364da2661108http://www.procheckup.com/PDFs/bypassing-dot-NET-ValidateRequest.pdf
af854a3a-2127-422b-91ae-364da2661108http://www.procheckup.com/Vulnerability_PR08-20.php
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/495667/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/496071/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/44743

Is Your Infrastructure Affected by CVE-2008-3843?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-3843

📅 Published

🔄 Last Modified

🔗 References (12)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-3843?