The JsonParser class in json/JsonParser.scala in Lift before 2.5 interprets a certain end-index value as a length value, which allows remote authenticated users to obtain sensitive information from other users' sessions via invalid input data containing a < (less than) character.

| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| net.liftweb:lift-webkit (Maven) | 0 | N/A | N/A |
| net.liftweb:lift-webkit_2.7.7 (Maven) | 0 | N/A | N/A |
| net.liftweb:lift-webkit_2.8.0 (Maven) | 0 | N/A | N/A |
| net.liftweb:lift-webkit_2.8.1 (Maven) | 0 | N/A | N/A |
| net.liftweb:lift-webkit_2.8.2 (Maven) | 0 | N/A | N/A |
| net.liftweb:lift-webkit_2.9.0 (Maven) | 0 | N/A | N/A |
| net.liftweb:lift-webkit_2.9.0-1 (Maven) | 0 | N/A | N/A |
| net.liftweb:lift-webkit_2.9.1 (Maven) | 0 | 2.5 | N/A |

CVSS Metrics