CVE-2007-2384
The CVE-2007-2384 entry concerns the Script.aculo.us framework, where data is exchanged as JSON without protection. The underlying issue (JavaScript Hijacking) allows remote attackers to obtain data by loading a page that retrieves JSON via a SCRIPT tag SRC attribute and then captures it with oth...