This is a migrated thread and some comments may be shown as answers.

Cross-Site Scripting Rad Script Manager

1 Answer 126 Views
ScriptManager and StyleSheetManager
This is a migrated thread and some comments may be shown as answers.
Wes
Top achievements
Rank 1
Wes asked on 14 Jul 2015, 01:44 PM

I am using version 2013.2.717.45 and I had my site run through vulnerability testing.  I am having cross site vulnerability issues  returning in the following.

  • /ScriptResource.axd?d =f IXfSCXDMdPOprM9upV31XCUh62H5BipU6bxHY6xdjYTSrzQmRd9QwKEy
    qJFHKEwgm3o5vRI0pJt4iTihK7FQBev74pUlBqXZJolifFQvDTGJqbLKP3rNEwqpoXpU4nsux0-jz-eaK8oilloSHbU
    -0eRp3DtfizXDI7fxLUIUXjTOBqWuWjxs1AQv9ops3oo0%3c%73%43%72%49%70%54%3e%61%6c
    %65%72%74%28%38%36%32%38%36%29%3c%2f%73%43%72%49%70%54%3e &t=7b689585
  • /Telerik.Web.UI .WebResource.axd?_TSM_HiddenField_=ctl00_body_ctl00
    _RadScriptManager1_TSM&compress=1%3c%73%43%72%49%70%54%3e%61%6c
    %65%72%74%28%38%38%35%37%35%29%3c%2f%73%43%72%49%70%54%3e &_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions
    %2c+Version%3d4.0.0.0%2c+Culture%3dneutral %2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3a88fd0407-24cf-4abd-9df5
    -22f81b2bc835%3aea597d4b%3ab25378d2%3bTelerik.Web.UI %2c+Version%3d2013.2.717.45%2c+Culture%3dneutral
    %2c+PublicKeyToken%3d121fae78165ba3d4%3aen-US%3a4401a8f1-5215-4b97 -a426-3601ce0fa0ff%3a16e4e7cd%3af7645509%3a24ee1bba
    %3af46195d3%3a2003d0b8%3a1e771326%3ae524c98b
  • /WebResource.axd?d =tvqaHeB_Qt6zlKxTjYmoVdBW9yFJob_NmsiT
    _jdYw1zX4QCRSLPZgwcQSiQpYWUKIHv_83YEJDhygbkITIqehXr1RrMZyc74nbt80GwoXh7OYkp
    _fEXBR5cez42Mn6r28jqsiLbDqWqk4aJsTIOD3Q2%3c%73%43%72%49%70 %54%3e%61%6c%65%72%74%28%35%38%35%31%36%29%3c%2f%73%43%72

 Is there a setting that I am missing to prevent these issue from occurring?

Thanks,

 Wes

1 Answer, 1 is accepted

Sort by
0
Peter Filipov
Telerik team
answered on 17 Jul 2015, 09:52 AM
Hello Wesley,

Could you please provide us the sample project which you have tested. Also give us more information about the tool that you used to test the application?

Regards,
Peter Filipov
Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Tags
ScriptManager and StyleSheetManager
Asked by
Wes
Top achievements
Rank 1
Answers by
Peter Filipov
Telerik team
Share this question
or