Liftweb : Security Vulnerabilities, CVEs, CVSS score >= 3
The JsonParser class in json/JsonParser.scala in Lift before 2.5 interprets a certain end-index value as a length value, which allows remote authenticated users to obtain sensitive information from other users' sessions via invalid input data containing a < (less than) character.
Max CVSS
4.0
EPSS Score
0.14%
Published
2013-07-29
Updated
2013-07-29
1 vulnerabilities found