Description
Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000118
http://jvn.jp/en/jp/JVN52422792/index.html
Related Vulnerabilities
CVE-2013-1879 Vulnerability in maven package activemq:activemq-core
CVE-2019-5422 Vulnerability in npm package buttle
CVE-2019-0224 Vulnerability in maven package org.apache.jspwiki:jspwiki-builder
CVE-2021-3536 Vulnerability in maven package org.wildfly:wildfly-parent
CVE-2016-4567 Vulnerability in maven package org.webjars.bower:mediaelement