(MS14-059) Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (2990942)
Publish date: 11 de noviembre de 2014
Gravedad: High
Identificadores de CVE : CVE-2014-4075
Fecha recomendada: 11 de noviembre de 2014
Descripción
This update resolves a cross-site scripting vulnerability found in ASP.NET MVC. The vulnerability allows to bypass the built-in security feature in the said software.
Soluciones
Software y versión afectados
- ASP.NET MVC 2.0
- ASP.NET MVC 3.0
- ASP.NET MVC 4.0
- ASP.NET MVC 5.0
- ASP.NET MVC 5.1