NuGet package

ajaxnetprofessional

pkg:nuget/ajaxnetprofessional

Vulnerabilities (3)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-49289	—	< 21.12.22.1	21.12.22.1	Dec 4, 2023	Ajax.NET Professional (AjaxPro) is an AJAX framework for Microsoft ASP.NET which will create proxy JavaScript classes that are used on client-side to invoke methods on the web server. Affected versions of this package are vulnerable cross site scripting attacks. Releases before v
CVE-2021-43853	—	< 21.12.22.1	21.12.22.1	Dec 22, 2021	Ajax.NET Professional (AjaxPro) is an AJAX framework available for Microsoft ASP.NET. Affected versions of this package are vulnerable to JavaScript object injection which may result in cross site scripting when leveraged by a malicious user. The affected core relates to JavaScri
CVE-2021-23758	—	< 21.11.29.1	21.11.29.1	Dec 3, 2021	All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution.

CVE-2023-49289Dec 4, 2023
affected < 21.12.22.1fixed 21.12.22.1
Ajax.NET Professional (AjaxPro) is an AJAX framework for Microsoft ASP.NET which will create proxy JavaScript classes that are used on client-side to invoke methods on the web server. Affected versions of this package are vulnerable cross site scripting attacks. Releases before v
CVE-2021-43853Dec 22, 2021
affected < 21.12.22.1fixed 21.12.22.1
Ajax.NET Professional (AjaxPro) is an AJAX framework available for Microsoft ASP.NET. Affected versions of this package are vulnerable to JavaScript object injection which may result in cross site scripting when leveraged by a malicious user. The affected core relates to JavaScri
CVE-2021-23758Dec 3, 2021
affected < 21.11.29.1fixed 21.11.29.1
All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution.