Mailinglist Archive


Critical vulnerability in AJAX technology - Web 2.0 applications
From:Joe Klemmer
Date: Fri, 05 Jan 2007 09:18:40 -0500

Critical vulnerability in AJAX technology - Web 2.0 applications at risk
Posted on 03 January 2007.

Imperva Application Defense Center announced the discovery of a critical
vulnerability in DWR (Direct Web Reporting), a key underlying technology
in the AJAX web application development framework. This client-side
vulnerability can be exploited to launch Denial of Service (DoS) attacks
and break into back-end servers and databases. 

http://www.net-security.org/secworld.php?id=4536