Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:21493
HistorySep 12, 2019 - 7:16 a.m.

Privilege Escalation

2019-09-1207:16:23
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14

0.002 Low

EPSS

Percentile

58.8%

ASP.NET Core is vulnerable to privilege escalation. When an ASP.NET Core web application is created using vulnerable project templates, the application fails to properly sanitize web requests. An attacker is able to exploit the vulnerability by sending an email to the user containing a malicious link and when clicked, performs content injection attacks and run scripts in the security context of the logged-on user.