Schweregrad:: Hoch
  CVE Kennungen:: CVE-2013-5042
  Hinweisdatum: 26 Dezember 2013

  Beschreibung

This security update resolves a privately reported vulnerability in ASP.NET SignalR. The vulnerability could allow elevation of privilege if an attacker reflects specially crafted JavaScript back to the browser of a targeted user.

  Lösungen

  Betroffene Software und Version:

  • Microsoft Visual Studio Team Foundation Server 2013
  • ASP.NET SignalR 2.0.x
  • ASP.NET SignalR 1.1.x