Cross-Site Scripting Rad Script Manager

2 posts, 0 answers
  1. Wes
    Wes avatar
    5 posts
    Member since:
    May 2009

    Posted 14 Jul 2015 Link to this post

    I am using version 2013.2.717.45 and I had my site run through vulnerability testing.  I am having cross site vulnerability issues  returning in the following.

    • /ScriptResource.axd?d =f IXfSCXDMdPOprM9upV31XCUh62H5BipU6bxHY6xdjYTSrzQmRd9QwKEy
      %65%72%74%28%38%36%32%38%36%29%3c%2f%73%43%72%49%70%54%3e &t=7b689585
    • /Telerik.Web.UI .WebResource.axd?_TSM_HiddenField_=ctl00_body_ctl00
      %65%72%74%28%38%38%35%37%35%29%3c%2f%73%43%72%49%70%54%3e &_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions
      %2c+Version%3d4.0.0.0%2c+Culture%3dneutral %2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3a88fd0407-24cf-4abd-9df5
      -22f81b2bc835%3aea597d4b%3ab25378d2%3bTelerik.Web.UI %2c+Version%3d2013.2.717.45%2c+Culture%3dneutral
      %2c+PublicKeyToken%3d121fae78165ba3d4%3aen-US%3a4401a8f1-5215-4b97 -a426-3601ce0fa0ff%3a16e4e7cd%3af7645509%3a24ee1bba
    • /WebResource.axd?d =tvqaHeB_Qt6zlKxTjYmoVdBW9yFJob_NmsiT
      _fEXBR5cez42Mn6r28jqsiLbDqWqk4aJsTIOD3Q2%3c%73%43%72%49%70 %54%3e%61%6c%65%72%74%28%35%38%35%31%36%29%3c%2f%73%43%72

     Is there a setting that I am missing to prevent these issue from occurring?



  2. Peter Filipov
    Peter Filipov avatar
    1028 posts

    Posted 17 Jul 2015 Link to this post

    Hello Wesley,

    Could you please provide us the sample project which you have tested. Also give us more information about the tool that you used to test the application?

    Peter Filipov
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  3. DevCraft R3 2016 release webinar banner
Back to Top