Описание
ASP.NET Core Security Feature Bypass Vulnerability
FAQ
What kind of security feature could be bypassed by successfully exploiting this vulnerability?
An unauthenticated attacker could bypass validations on Blazor Server forms.
How could an attacker exploit this vulnerability?
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then trigger an event that could exploit the vulnerability to save an invalid state to a database or trigger other unintended actions, depending on what functionality the form provides.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| ASP.NET Core 6.0 | ||
| .NET 6.0 | ||
| Microsoft Visual Studio 2022 version 17.2 | ||
| Microsoft Visual Studio 2022 version 17.4 | ||
| .NET 7.0 | ||
| Microsoft Visual Studio 2022 version 17.6 | ||
| Microsoft Visual Studio 2022 version 17.7 | ||
| ASP.NET Core 7.0 | ||
| ASP.NET Core 8.0 | ||
| .NET 8.0 |
Показывать по
10
Возможность эксплуатации
Publicly Disclosed
No
Exploited
No
Latest Software Release
Exploitation Less Likely
EPSS
Процентиль: 54%
0.00316
Низкий
6.2 Medium
CVSS3
Связанные уязвимости
EPSS
Процентиль: 54%
0.00316
Низкий
6.2 Medium
CVSS3