CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Microsoft: >> Asp.net >> 3.5 Security Vulnerabilities

CVE-2010-2088

ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks against the form control via the __VIEWSTATE parameter.

CVSS Score

4.3

EPSS Score

0.119

Published

2010-05-27

Page 1

Vulnerabilities

Vulnerable Software

Microsoft: >> Asp.net >> 3.5 Security Vulnerabilities

Products

Pricing

Contact Us