| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS13-103 | Vulnerability in ASP.NET SignalR Could Allow Elevation of Privilege (2905244) | ASP.NET SignalR | Important | 11-12-2013 |
Technical Information
Brief overview of the risk:
This security update resolves a privately reported vulnerability in ASP.NET SignalR. The vulnerability could allow elevation of privilege if an attacker reflects specially crafted JavaScript back to the browser of a targeted user.
Detailed Information on the risk:
This security update resolves a privately reported vulnerability in ASP.NET SignalR. The vulnerability could allow elevation of privilege if an attacker reflects specially crafted JavaScript back to the browser of a targeted user.Further information on this exploit is available at : MS13-103
Affected Software
ASP.NET SignalR 1.1.xASP.NET SignalR 2.0.x
Microsoft Visual Studio Team Foundation Server 2013