3 matches found
Microsoft ASP.NET Core Privilege Escalation (March 2018)
The remote Windows host has an installation of ASP.NET Core containing the packages HttpOverrides and/or Server.Kestrel.Core with versions 2.0.0 or 2.0.1 and therefore is affected by a privilege escalation vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...
CVE-2018-0787
CVE-2018-0787 affects ASP.NET Core 1.0/1.1/2.0 where elevation of privilege arises from how template-generated web apps validate requests. The root cause is improper validation in Kestrel-based web apps, enabling HTML injection under certain conditions (e.g., crafted password-reset flow). Documen...
KLA11210 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET Core can be exploited remotely via specially...