Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to obtain unauthorized access to public methods via a crafted request that bypasses the include/exclude checks.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.directwebremoting:dwr(Maven) | 0 | 1.1.4 | N/A |
CVSS Metrics
