VYPR
Unrated severityNVD Advisory· Published Feb 16, 2005· Updated Jun 16, 2026

CVE-2005-0452

CVE-2005-0452

Description

Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<".

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Microsoft/Asp.net6 versions
    cpe:2.3:a:microsoft:asp.net:1.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:microsoft:asp.net:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:asp.net:1.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:asp.net:1.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:asp.net:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:asp.net:1.1:sp1:*:*:*:*:*:*
    • (no CPE)range: >=1.0, <=1.1 SP1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.