10 Points to Secure Your ASP.NET Core MVC Applications
Broken authentication and session management
Sensitive Data Exposure & Audit trail
Cross-Site Scripting (XSS) attacks
Malicious File Upload
Security Misconfiguration (Error Handling Must Setup Custom Error Page)
Version Discloser
Cross-Site Request Forgery (CSRF)
XML External Entities (XXE)
Insecure Deserialization
SQL Injection Attack