Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Atlas Framework
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-2380 1 Microsoft 1 Atlas Framework 2024-11-21 5.0 MEDIUM N/A
The Microsoft Atlas framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking."