Filtered by vendor Liftweb Subscriptions
Filtered by product Lift Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2013-3300 1 Liftweb 1 Lift 2024-09-17 N/A
The JsonParser class in json/JsonParser.scala in Lift before 2.5 interprets a certain end-index value as a length value, which allows remote authenticated users to obtain sensitive information from other users' sessions via invalid input data containing a < (less than) character.