Description
Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS Vulnerability."
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2012-0528 Vulnerability (CVE-2012-0528)
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27900)
Oracle Database Server CVE-2020-2517 Vulnerability (CVE-2020-2517)
WordPress Plugin Gallery for Social Photo Unspecified Vulnerability (1.0.0.25)