.NET Cross Site Scripting

Overview A vulnerability in the .Net Request Validation mechanism allows bypassing the filter and execution of malicious scripts in the browsers of users via Cross Site Scripting attacks. The exploitation technique explained here allows sending tags through the Request Validation Filter in a manner that will pass browser syntax and be rendered by browsers.
READ MORE »