2 matches found
Direct Web Remoting (DWR) vulnerable to XML external entity injection
Overview Direct Web Remoting DWR is a Java framework for developing Ajax into web applications. DWR contains an XML external entity injection vulnerability CWE-611. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...
Free Configuration Check Tool by eEye Digital Security
Free Configuration Check Tool by eEye Digital Security eEye Digital Security, the industry's leading innovator of threat management solutions, just released new research, "Working Toward Configuration Best Practices" . Findings verify that proper configuration and mitigations remain the most...