FYI,
The following are the technical details for the Microsoft .NET request
filtering bypass vulnerability (BID 20753):
ProCheckUp Security Bulletin
This advisory has been published following consultation with UK CPNI (formally
known as NISCC)
Title: Microsoft ASP.NET request filtering
Applications which fail to provide their own filtering on top of the inbuilt
.NET request filtering may be vulnerable to XSS attacks.
Provided that a web application solely relies on .NET request filtering before
echoing input back to the web browser, it is possible to inject scripting code
and
