CRITICAL 9.8 NuGet
Deserialization of Untrusted Data in NancyFX Nancy
GHSA-mx3q-j2g2-5qxq · CVE-2017-9785
Published · Modified
Description
Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie.
References
Ready to move
Start Securing
Free, no credit card | First findings in minutes