MS13-103: Vulnerability in ASP.NET SignalR Could Allow Elevation of Privilege (2905244)
Medium Nessus Plugin ID 71318
SynopsisThe remote host has an application that is affected by a cross-site scripting vulnerability.
DescriptionThe remote host is running a version of ASP.NET SignalR that is affected by a cross-site scripting vulnerability that results in privilege escalation. An attacker who successfully exploited this vulnerability could take any action that the targeted user could take on the site.
SolutionMicrosoft has released a set of patches for Visual Studio Team Foundation Server 2013 and ASP.NET SignalR.