CVE-2012-3382
Publication date 12 July 2012
Last updated 24 July 2024
Ubuntu priority
Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properly handled in an error message.
Status
Package | Ubuntu Release | Status |
---|---|---|
mono | ||
Patch details
Package | Patch details |
---|---|
mono |
|
References
Related Ubuntu Security Notices (USN)
- USN-1517-1
- Mono vulnerabilities
- 25 July 2012