Out-of-date Version (DWR)

CVE: CVE-2003-0083, CVE-2003-0134, CVE-2003-0189, CVE-2003-0245
CWE: CWE-20

Summary

Netsparker identified the target web site is using DWR and detected that it is out of date. DWR is a Java library that enables Java on the server and JavaScript in a browser to interact and call each other.

Impact

Since this is an old version of the software, it may be vulnerable to attacks.

Remediation

Please upgrade your installation of DWR to the latest stable version.

Classifications

PCI v3.1-6.2, PCI v3.2-6.2, CAPEC-310, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9