This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

ASP.NET POET Vulnerability

Revision as of 21:45, 20 September 2010 by ParanoidMike (talk | contribs) (Added introductory sentences as a first step towards Dinis' recommended "good/objective description of the problem, good technical desciption of the problem and tons of references")

Jump to: navigation, search

This page contains details about the ASP.NET POET vulnerability disclosed on 2010-09-17. This vulnerability exists in all versions of ASP.NET (all versions released through 2010-09-18). As of 2010-09-20, there is no fix available to resolve the vulnerability; in the meantime, Microsoft strongly urges all ASP.NET deployments perform the recommended workaround to mitigate the vulnerability in the short-term.


Fixes (via web.config change)

Blogs, News, Articles

discussion Threads