Vulnerabilities > CVE-2020-28923 - Unspecified vulnerability in Lightbend Play Framework
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior to 2.8.0 that used the Play Java API to serialize classes with protected or private fields to JSON.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 15 |
References
- https://www.playframework.com/security/vulnerability
- https://www.playframework.com/security/vulnerability
- https://www.playframework.com/security/vulnerability/CVE-2020-28923-ImproperRemovalofSensitiveInformationBeforeStorageorTransfer
- https://www.playframework.com/security/vulnerability/CVE-2020-28923-ImproperRemovalofSensitiveInformationBeforeStorageorTransfer