CVE-2009-3450

Metadata

CVE-2009-3450
4.3
radnet.radactive.com, securityfocus.com, exchange.xforce.ibmcloud.com, sec-consult.com
2009-09-29
2017-08-17 06:09

Description

Multiple cross-site scripting (XSS) vulnerabilities in WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allow remote attackers to inject arbitrary web script or HTML via parameters with names beginning with __ (underscore underscore) sequences, which are incompatible with an XSS protection mechanism provided by Microsoft ASP.NET.

Related Vulnerabilities