CVE-2019-1302

EPSS 9.9%

Elevation of privilege in ASP.NET Core

發布日:2022/5/24修改日:2024/12/3

描述

An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'.

受影響套件(1)

NuGet/Microsoft.AspNetCore.SpaServices>= 2.2.0, < 2.2.7

參考連結(4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-1302
WEBhttps://github.com/aspnet/Announcements/issues/384
WEBhttps://github.com/github/advisory-database/issues/302
WEBhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1302