Description
Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
http://jvn.jp/en/jp/JVN52422792/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000118
Related Vulnerabilities
CVE-2018-19057 Vulnerability in maven package org.webjars.npm:simplemde
CVE-2020-12648 Vulnerability in maven package org.webjars.npm:tinymce
CVE-2022-36094 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates
CVE-2016-1000229 Vulnerability in npm package swagger-ui
CVE-2022-25869 Vulnerability in maven package org.webjars.bower:angular