Vulnerability Details CVE-2018-0785
ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Cross Site Request Forgery Vulnerability".
Exploit prediction scoring system (EPSS) score
EPSS Score 0.026
EPSS Ranking 84.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/102379
- http://www.securitytracker.com/id/1040151
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0785
- http://www.securityfocus.com/bid/102379
- http://www.securitytracker.com/id/1040151
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0785
Products affected by CVE-2018-0785
-
cpe:2.3:a:microsoft:asp.net_core:2.0