Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Play Framework Improper Input Validation Vulnerability - CVE-2015-2156 - Vulnerability Database
Play Framework

Play Framework Improper Input Validation Vulnerability - CVE-2015-2156

High
Reference: CVE-2015-2156
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-2156
Title: Play Framework Improper Input Validation Vulnerability
Overview:

Netty before 3.9.8.Final 3.10.x before 3.10.3.Final 4.0.x before 4.0.28.Final and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.