Moderate severityNVD Advisory· Published Sep 11, 2019· Updated Aug 4, 2024
CVE-2019-1302
CVE-2019-1302
Description
An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Microsoft.AspNetCore.SpaServicesNuGet | >= 2.2.0, < 2.2.7 | 2.2.7 |
Microsoft.AspNetCore.SpaServicesNuGet | >= 2.1.0, < 2.1.13 | 2.1.13 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-xr8f-59pp-rxxhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-1302ghsaADVISORY
- github.com/aspnet/Announcements/issues/384ghsaWEB
- github.com/github/advisory-database/issues/302ghsaWEB
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1302ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.