Description
Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
http://jvn.jp/en/jp/JVN52422792/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000118
Related Vulnerabilities
CVE-2021-41184 Vulnerability in maven package org.webjars.bower:jquery-ui
CVE-2019-20365 Vulnerability in maven package org.igniterealtime.openfire:xmppserver
CVE-2023-3815 Vulnerability in maven package com.ruoyi:ruoyi
CVE-2016-10735 Vulnerability in maven package org.webjars.bowergithub.jasny:bootstrap
CVE-2020-10203 Vulnerability in maven package org.sonatype.nexus:nexus-core