-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746322 and
https://github.com/defnull/bottle/issues/616 report an issue where
Bottle treated text/plain;application/json as JSON, allowing security
mechanisms to be bypassed.
Use CVE-2014-3137.
Hi,
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746322 and
https://github.com/defnull/bottle/issues/616 report an issue where
Bottle treated text/plain;application/json as JSON, allowing security
mechanisms to be bypassed.
From the upstream report, For example Chrome will not allow
2 matches
Mail list logo
