Description
Cross-site scripting (XSS) vulnerability in System.Web.Mvc.dll in Microsoft ASP.NET Model View Controller (MVC) 2.0 through 5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted web page, aka "MVC XSS Vulnerability."
Remediation
References
Related Vulnerabilities
WordPress Plugin Cimy User Extra Fields Arbitrary File Upload (2.3.7)
WordPress Plugin Consulting Elementor Widgets Local File Inclusion (1.3.0)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0067)
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19039)
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-53952)