VDB

JVNDB-2014-000118

JVNDB-2014-000118 PUBLISHED

Direct Web Remoting (DWR) is a Java framework for developing Ajax into web applications. DWR contains a cross-site scripting vulnerability (CWE-79). Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Timeline

  • Nov 24, 2014 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›