Description

Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2014-5326

Related Vulnerabilities

Oracle Database Server CVE-2023-22073 Vulnerability (CVE-2023-22073)

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-8917)

WordPress Plugin CrossSlide jQuery Multiple Vulnerabilities (2.0.5)

WordPress Plugin WordPress Comment Rating Cross-Site Scripting (1.5.3)

WordPress Plugin CM Ad Changer Multiple Cross-Site Scripting Vulnerabilities (1.7.2)

Severity

Medium

Classification

CVE-2014-5326 CWE-707

Tags

Missing Update Known Vulnerabilities