CVE-2017-11879
published 2017-11-15CVE-2017-11879: ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core…
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | asp.net_core | — | — |
| microsoft_corporation | asp.net_core | — | — |
| msrc | asp.net_core_2.0 | — | — |