Web 2.0, AJAX and Client Security Logic

Imperva's Application Defense Center (ADC) announced the discovery of a critical vulnerability in DWR (Direct Web Reporting), a key underlying technology in the AJAX web application development framework. This client-side vulnerability can be exploited to launch Denial of Service (DoS) attacks and to break into back-end servers and databases.
Because AJAX executes a much larger proportion of application logic in the web browser than traditional web applications do, it exposes a broader attack surface to client-side exploits that attackers use to target sensitive back-end servers directly. The ADC has published a security advisory that details the DWR vulnerability and how to mitigate attacks.

http://www.imperva.com
