Unresolved
Details
Details
Assignee
Michael Offner
Michael OffnerReporter
Zac Spitzer
Zac SpitzerPriority
New Issue warning screen
Before you create a new Issue, please post to the mailing list first https://dev.lucee.org
Once the issue has been verified, one of the Lucee team will ask you to file an issue
Created 27 February 2021 at 09:26
Updated 20 June 2024 at 19:52
just was checking how lucee handles json after reading this
https://labs.bishopfox.com/tech-blog/an-exploration-of-json-interoperability-vulnerabilities
https://trycf.com/gist/552e6d941775ef13e719736e9d06ce63/lucee5?theme=monokai
Lucee throws Syntax Error, Invalid Construct rather than a clear, specific message about deserializeJson encountering invalid json.
if possible, also avoiding logging out the 2k of CFMLExpressionInterpreter stacktraces?