XSS Vulnerability in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1
CVE-2011-1976

Currently unrated

Key Information:

Vendor
Microsoft
Status
Visual Studio
Report Viewer
Vendor
CVE Published:
10 August 2011

Summary

A cross-site scripting vulnerability exists in the Report Viewer Control of Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1. This vulnerability allows remote attackers to inject arbitrary web scripts or HTML through a crafted parameter in a data source, posing a risk to users by potentially exposing them to malicious code execution and unauthorized actions within the application.

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://marc.info/?l=bugtraq&m=145326307707460&w=2
vendor-advisoryx_refsource_HP
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

79% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.