Information from Microsoft Japan Co.,Ltd.

Vulnerability ID:JVN#72586781
Title:ASP.NET vulnerable to cross-site scripting
Status:vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.