CVE-2010-2084

CVE Database · CVE-2010-2084

CVE-2010-2084

· N/AModified

CVSS v3.1

N/A

EPSS

12.54%

Published

May 27, 2010

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property on a control that inherits from HtmlContainerControl, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to an attribute.

Weaknesses (CWE)

CWE-79

Affected Products (1)

microsoft · asp.netvulnerable

References (2)

http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/03/30/configuration-is-half-the-battle-asp-net-and-cross-site-scripting.aspx

KEV Catalog EPSS Scores Vendors All CVEs