Play Framework Security AdvisorySession Injection Date 06 Aug 2013 Description A vulnerability has been found in Play’s session encoding. An attacker may inject arbitrary data into a session, by tricking Play to place a specially crafted value containing null bytes into the Play session. Impact Any application that places user input data into Play’s stateless session mechanism may be vulnerable. Typically, this will impact appli
{{#tags}}- {{label}}
{{/tags}}