Nancyfx · Nancy · CVE-2017-9785
**Name of the Vulnerable Software and Affected Versions**
NancyFX Nancy versions prior to 1.4.4
NancyFX Nancy versions 2.x prior to 2.0-dangermouse
**Description**
The issue allows for Remote Code Execution via Deserialization of JSON data in a CSRF Cookie, specifically affecting the Csrf.cs component.
**Recommendations**
For versions prior to 1.4.4, update to version 1.4.4 or later.
For versions 2.x prior to 2.0-dangermouse, update to version 2.0-dangermouse or later.