| Max CVSS | 4.3 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-2087 | 4.3 |
Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or exe
|
28-01-2013 - 05:00 | 27-05-2010 - 19:00 | |
| CVE-2010-2086 | 4.0 |
Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary E
|
28-05-2010 - 04:00 | 27-05-2010 - 19:00 | |
| CVE-2010-2085 | 4.3 |
The default configuration of ASP.NET in Microsoft .NET before 1.1 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the __VIEWSTATE parameter.
|
28-05-2010 - 04:00 | 27-05-2010 - 19:00 | |
| CVE-2010-2088 | 4.3 |
ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks against the form control via the __VIEWSTATE parameter.
|
28-05-2010 - 04:00 | 27-05-2010 - 19:00 |