RSS   Vulnerabilities for 'Captcha asp.net'   RSS

2006-06-23
 
CVE-2006-2918

CWE-264
 

 
The Lanap BotDetect APS.NET CAPTCHA component before 1.5.4.0 stores the UUID and hash for a CAPTCHA in the ViewState of a page, which makes it easier for remote attackers to conduct automated attacks by "replaying the ViewState for a known number."

 


Copyright 2024, cxsecurity.com

 

Back to Top