Remote Code Execution via Deserialization of JSON data in CSRF Cookie in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse
CVE-2017-9785 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie.
Learn more about our Web Application Penetration Testing UK.