Description
Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS Vulnerability."
Remediation
References
Related Vulnerabilities
WordPress Plugin Subscribe To Comments Reloaded Cross-Site Scripting (150611)
WordPress Plugin Google Maps CP Cross-Site Scripting (1.0.3)
Oracle JRE CVE-2018-2797 Vulnerability (CVE-2018-2797)
Joomla Improper Input Validation Vulnerability (CVE-2006-4466)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (3.8.3)