Affecting microsoft.aspnetcore.server.httpsys package, versions [2.1.0, 2.1.12) || [2.2.0, 2.2.6)
microsoft.aspnetcore.server.httpsys is a ASP.NET Core HTTP server that uses the Windows HTTP Server API.
Affected versions of this package are vulnerable to Open Redirect. A spoofing vulnerability exists that could lead to an redirection. An attacker who successfully exploits this vulnerability could redirect a targeted user to a malicious website.
microsoft.aspnetcore.server.httpsys to version 2.1.12, 2.2.6 or higher.