An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.
References
Link | Resource |
---|---|
https://github.com/aspnet/Announcements/issues/239 | Technical Description Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-05-12 14:29
Updated : 2024-02-04 19:11
NVD link : CVE-2017-0249
Mitre link : CVE-2017-0249
CVE.ORG link : CVE-2017-0249
JSON object : View
Products Affected
microsoft
- asp.net_model_view_controller
- microsoft.aspnetcore.mvc.formatters.xml
- microsoft.aspnetcore.mvc.razor.host
- system.net.http.winhttphandler
- system.net.security
- microsoft.aspnetcore.mvc.webapicompatshim
- microsoft.aspnetcore.mvc.cors
- microsoft.aspnetcore.mvc.formatters.json
- microsoft.aspnetcore.mvc.apiexplorer
- microsoft.aspnetcore.mvc.viewfeatures
- system.net.http
- microsoft.aspnetcore.mvc.razor
- microsoft.aspnetcore.mvc.abstractions
- microsoft.aspnetcore.mvc.taghelpers
- microsoft.aspnetcore.mvc.localization
- system.net.websockets.client
- microsoft.aspnetcore.mvc.dataannotations
- system.text.encodings.web
CWE
CWE-20
Improper Input Validation