RSS   Podatności dla 'LIFT'   RSS

2013-07-29
 
CVE-2013-3300

 
 
The JsonParser class in json/JsonParser.scala in Lift before 2.5 interprets a certain end-index value as a length value, which allows remote authenticated users to obtain sensitive information from other users' sessions via invalid input data containing a < (less than) character.

 

Copyright 2024, cxsecurity.com

 

Back to Top