Security Advisory

CVE-2012-3382

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-07-12 21:00:00
Last updated 2024-08-06 20:05:11
Assigner redhat
State PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properly handled in an error message.