Asp Net Web Forms Controls
Monthly
The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.