Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:27 a.m.6 views

CVE-2013-3300

The JsonParser class in json/JsonParser.scala in Lift before 2.5 interprets a certain end-index value as a length value, which allows remote authenticated users to obtain sensitive information from other users' sessions via invalid input data containing a less than character...

4CVSS6AI score0.01477EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/05/17 5:7 a.m.7 views

com.sun.jersey.contribs:jersey-lift (>=1.1.1-ea <=1.1.5-ea-v20091019), com.sun.jersey.contribs:jersey-lift-test (>=1.1.1-ea <=1.1.5-ea-v20091019) +29 more potentially affected by CVE-2013-3300 via net.liftweb:lift-webkit (>=2.0 <=2.0-RC2)

net.liftweb:lift-webkit MAVEN version =2.0, =1.1.1-ea, =1.1.1-ea, =2.0-M1, =2.0, =2.0, =2.0-RC2 - net.liftweb:lift-flot-demo =2.0-M4 - net.liftweb:lift-hellofbc =2.0-M4 and more Source cves: CVE-2013-3300 Source advisory: OSV:GHSA-JF9V-FXFQ-WM76...

4CVSS5.8AI score0.01477EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/05/17 5:7 a.m.4 views

com.fmpwizard:lift-named-comet_2.9.1 (=0.3), com.foursquare:rogue-lift_2.9.1 (>=2.0.0 <=3.0.0-beta15) +25 more potentially affected by CVE-2013-3300 via net.liftweb:lift-webkit_2.9.1 (>=2.4 <=2.4-RC1)

net.liftweb:lift-webkit2.9.1 MAVEN version =2.4, =2.0.0, =2.0.0, =1.0.24, =2.5, =2.5, =0.0.3, =0.0.3, =2.4, =2.4, =2.4, =2.4, =2.4, =2.4-RC1 and more Source cves: CVE-2013-3300 Source advisory: OSV:GHSA-JF9V-FXFQ-WM76...

4CVSS5.8AI score0.01477EPSS
Exploits1
CVE
CVE
added 2013/07/26 5:0 p.m.56 views

CVE-2013-3300

The connected documents confirm a vulnerability in Lift (before 2.5) where JsonParser.scala’s end-index is misinterpreted as a length, enabling remote authenticated users to access sensitive information from other sessions via input containing a

4CVSS5.8AI score0.01477EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder