8.6 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.7%
ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka “ASP.NET Core Elevation Of Privilege Vulnerability”.
[ { "product": "ASP.NET Core", "vendor": "Microsoft Corporation", "versions": [ { "status": "affected", "version": "ASP.NET Core 2.0" } ] } ]
www.securityfocus.com/bid/101713
www.securitytracker.com/id/1039793
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11879