CVE-2020-28923
CVSS v3.1
2.7 (Low)
CVSS v2.0
4 (Medium)
EPSS
0.05 % (24th)
Affected Products
1
Advisories
1
An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior to 2.8.0 that used the Play Java API to serialize classes with protected or private fields to JSON.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2020-12-03 17:15:13
(3 years ago) - Updated Date
-
2020-12-07 18:45:09
(3 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...