{"uuid": "a385b749-58b5-41a7-aa3c-7815410660b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36899", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8832", "content": "#WebApp_Security\n1. Smashing the state machine:\nthe true potential of web race conditions\nhttps://portswigger.net/research/smashing-the-state-machine\n2. Cookieless DuoDrop: IIS Auth Bypass & App Pool Privesc in ASP-NET Framework (CVE-2023-36899)\nhttps://soroush.me/blog/2023/08/cookieless-duodrop-iis-auth-bypass-app-pool-privesc-in-asp-net-framework-cve-2023-36899", "creation_timestamp": "2023-08-12T12:43:01.000000Z"}