4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.1 Medium
AI Score
Confidence
High
0.127 Low
EPSS
Percentile
95.5%
XSS vulnerability was found in ASP.NET MVC. By exploiting this vulnerability malicious users can inject arbitrary script. This vulnerability can be exploited remotely via a specially designed web page.
CVE-2014-4075 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Code injection. Exploitation of vulnerabilities with this impact can lead to changes in target code.
support.microsoft.com/kb/2990942
support.microsoft.com/kb/2992080
support.microsoft.com/kb/2993928
support.microsoft.com/kb/2993937
support.microsoft.com/kb/2993939
support.microsoft.com/kb/2994397
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-4075
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-ASP.NET-MVC/