Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2017-11879
ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".
| Software | From | Fixed in |
|---|---|---|
| microsoft / asp.net_core | 2.0 | 2.0.x |
Microsoft.AspNetCore.All
|
2.0.0 | 2.0.3 |
|
Microsoft.AspNetCore.Mvc.Core
|
2.0.0 | 2.0.0.x |
|
Microsoft.AspNetCore.Mvc.Core
|
2.0.0 | 2.0.1 |