2 matches found
SLES10: Security update for Websphere Community Edition
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: websphere-asce More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references. SPDX-FileCopyrightText:...
CVE-2007-2377
The CVE-2007-2377 vulnerability affects the Getahead Direct Web Remoting (DWR) framework up to version 1.1.4, where JSON data is exchanged without an accompanying protection scheme. This enables JavaScript Hijacking: an attacker can retrieve sensitive data by loading a page that fetches data via ...