CVE-2014-5326CVE-2014-5326

Affected configuration(s):

cpe:/a:directwebremoting:direct_web_remoting:2.0.10
cpe:/a:directwebremoting:direct_web_remoting:3.0:rc1
cpe:/a:directwebremoting:direct_web_remoting:3.0:rc2

Date published: 2014-11-23T21:59:03.160-05:00

Date last modified: 2014-11-24T10:39:51.957-05:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://jvn.jp/en/jp/JVN52422792/index.html

Summary: Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.