8.8 High
AI Score
Confidence
High
0.028 Low
EPSS
Percentile
90.7%
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka “ASP.NET Core Elevation Of Privilege Vulnerability”.
[ { "product": "ASP.NET Core", "vendor": "Microsoft Corporation", "versions": [ { "status": "affected", "version": "ASP.NET Core 1.0. 1.1, and 2.0" } ] } ]
www.securityfocus.com/bid/103282
www.securitytracker.com/id/1040525
github.com/aspnet/Announcements/issues/295
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0787