https://www.dotnetzone.gr:443/cs/blogs/kpantos/archive/2010/09/20/asp-net-security-vulnerability-or-not.aspxLast week two security researchers, Thai Duong and Juliano Rizzo, have discovered a bug in the default encryption mechanism used to protect the cookies normally used to implement Forms Authentication in ASP.NET. Using their tool (the Padding Oracle ExploitelCommunityServer 2.1 SP3 (Build: 20423.1)