Vulnerabilities > Microsoft > ASP NET Model View Controller
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-11 | CVE-2018-8171 | Improper Authentication vulnerability in Microsoft products A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability." This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2. | 5.0 |
| 2017-05-12 | CVE-2017-0256 | Improper Input Validation vulnerability in Microsoft products A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests. | 5.0 |
| 2017-05-12 | CVE-2017-0249 | Improper Input Validation vulnerability in Microsoft products An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests. | 7.5 |
| 2017-05-12 | CVE-2017-0247 | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. | 5.0 |
| 2014-10-15 | CVE-2014-4075 | Cross-Site Scripting vulnerability in Microsoft Asp.Net Model View Controller Cross-site scripting (XSS) vulnerability in System.Web.Mvc.dll in Microsoft ASP.NET Model View Controller (MVC) 2.0 through 5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted web page, aka "MVC XSS Vulnerability." | 4.3 |