CVEs-PoC/2020/CVE-2020-1045.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-10 03:37:37 +02:00

Files

T

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

1.2 KiB

Raw Blame History

CVE-2020-1045

Description

A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.

The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.

The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.

POC

Reference

No PoCs from references.

Github

https://github.com/404notf0und/CVE-Flow
https://github.com/ARPSyndicate/cvemon
https://github.com/Live-Hack-CVE/CVE-2020-1045

1.2 KiB Raw Blame History

CVE-2020-1045

Description

POC

Reference

Github

1.2 KiB

Raw Blame History