ASP.NET Core allow an elevation of privilege

GHSA-365p-96qv-xr7g · CVE-2018-0787

Published Oct 16, 2018 · Modified Nov 8, 2023

Description

ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability".

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2018-0787
WEB https://github.com/aspnet/Announcements/issues/295
ADVISORY https://github.com/advisories/GHSA-365p-96qv-xr7g
WEB https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0787
WEB http://www.securityfocus.com/bid/103282
WEB http://www.securitytracker.com/id/1040525

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes