KLA10614
Code injection vulnerability in Microsoft ASP.NET MVC
Updated: 06/01/2019
Detect date
?
10/14/2014
Severity
?
Warning
Description

XSS vulnerability was found in ASP.NET MVC. By exploiting this vulnerability malicious users can inject arbitrary script. This vulnerability can be exploited remotely via a specially designed web page.

Affected products

Microsoft ASP.NET NVC versions 2.0, 3.0, 4.0, 5.0 and 5.1

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2014-4075

Impacts
?
CI 
[?]
Related products
Microsoft ASP.NET MVC
CVE-IDS
?
CVE-2014-40754.3Warning
Microsoft official advisories
Microsoft Security Update Guide
KB list

2993937
2990942
2993939
2993928
2994397
2992080