CVE-2017-11879

Summary

ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".

Affected Software

VendorProductVersion RangeStatus
Microsoft CorporationASP.NET CoreASP.NET Core 2.0affected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

References