Описание
ASP.NET Core Information Disclosure Vulnerability
An information disclosure vulnerability exists in ASP.NET Core that allows bypassing Cross-origin Resource Sharing (CORS) configurations.
An attacker who successfully exploited the vulnerability could retrieve content, that is normally restricted, from a web application.
The security update addresses the vulnerability by enforcing CORS configuration to prevent its bypass.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| ASP.NET Core 1.1 | ||
| ASP.NET Core 1.0 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
Связанные уязвимости
ASP.NET Core 1.0, 1.1, and 2.0 allow an attacker to bypass Cross-origin Resource Sharing (CORS) configurations and retrieve normally restricted content from a web application, aka "ASP.NET Core Information Disclosure Vulnerability".
ASP.NET Core 1.0, 1.1, and 2.0 allow an attacker to bypass Cross-origin Resource Sharing (CORS) configurations and retrieve normally restricted content from a web application, aka "ASP.NET Core Information Disclosure Vulnerability".
Cross-origin Resource Sharing bypass in ASP.NET Core
EPSS