{"vulnerability": "CVE-2020-28923", "sightings": [{"uuid": "73282ec4-6fb4-483b-894a-2d10910b26b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28923", "type": "seen", "source": "https://t.me/cibsecurity/17117", "content": "\u203c CVE-2020-28923 \u203c\n\nAn issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior to 2.8.0 that used the Play Java API to serialize classes with protected or private fields to JSON.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-03T20:26:30.000000Z"}]}