We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Telerik Extensions for ASP.NET MVC (all versions) does not whitelist requests, which can allow a remote attacker to access files inside the server's web directory. A confirmation is available at https://www.telerik.com/support/code-library/security-alert-for-the-obsolete-telerik-extensions-for-asp-net-mvc. This vulnerability has the following CVE identification: CVE-2018-17060.
NOTE: The Telerik Extensions for ASP.NET MVC have been obsolete since June 2013.
NOTE 2: This issue is not present in any version of the current Telerik UI for ASP.NET MVC or Telerik UI for ASP.NET Core product suites.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Telerik Extensions for ASP.NET MVC (all versions) does not whitelist requests, which can allow a remote attacker to access files inside the server's web directory. A confirmation is available at https://www.telerik.com/support/code-library/security-alert-for-the-obsolete-telerik-extensions-for-asp-net-mvc. This vulnerability has the following CVE identification: CVE-2018-17060.
NOTE: The Telerik Extensions for ASP.NET MVC have been obsolete since June 2013.
NOTE 2: This issue is not present in any version of the current Telerik UI for ASP.NET MVC or Telerik UI for ASP.NET Core product suites.
The text was updated successfully, but these errors were encountered: