JVN#52422792: Direct Web Remoting (DWR) vulnerable to cross-site scripting
Direct Web Remoting DWR is a Java framework for developing Ajax into web applications. DWR contains a cross-site scripting vulnerability CWE-79. Impact Arbitrary JavaScript may be executed on the user's web browser. Solution Update the Software Update to the latest version of DWR according to the...