Mailinglist Archive

Critical vulnerability in AJAX technology - Web 2.0 applications at risk
Posted on 03 January 2007.

Imperva Application Defense Center announced the discovery of a critical
vulnerability in DWR (Direct Web Reporting), a key underlying technology
in the AJAX web application development framework. This client-side
vulnerability can be exploited to launch Denial of Service (DoS) attacks
and break into back-end servers and databases. 

http://www.net-security.org/secworld.php?id=4536