We have found a Xss vulnerability in the Telerik.Web.UI.WebResource.axd [_TSM_CombinedScripts_ parameter], where it is possible to edit the javascript. We are currently using an older version of the library (2009.3.1103.20). Can anyone confirm that this issue is fixed in the latest release, and in what version was this issue solved?
1 Answer, 1 is accepted
0
Accepted
Hi Paal Graf,
We have made fixes in this area however I cannot give you a precise date when they happened. Please test with the latest trial version of Telerik.Web.UI and provide the specific error message about the vulnerability.
All the best,
Simon
the Telerik team
We have made fixes in this area however I cannot give you a precise date when they happened. Please test with the latest trial version of Telerik.Web.UI and provide the specific error message about the vulnerability.
All the best,
Simon
the Telerik team
If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now