Privilege Escalation Affecting microsoft.aspnetcore.mvc.cors package, versions [1,1.0.4) [1.1,1.1.3)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-DOTNET-MICROSOFTASPNETCOREMVCCORS-60087
- published 12 May 2017
- disclosed 12 May 2017
- credit Unknown
How to fix?
Microsoft.AspNetCore.Mvc.Cors to version 1.0.4, 1.1.3 or higher.
Microsoft.AspNetCore.Mvc.Cors is a package for cross-origin resource sharing (CORS) features.
Affected versions of this package are vulnerable to Privilege Escalation due to failing to properly sanitize web requests,