Years-Old, Unpatched GWT Vuln Leaves Apps Open to Server-Side RCE

Posted on December 26, 2023

Although the unauthenticated Java deserialization flaw has been known since 2015, GWT apps remain vulnerable to malicious server-side code execution, new research says.

Related Posts

Lancefly APT uses powerful Merdoor backdoor in attacks on Asian orgs

Forget Bose and Sonos, Amazon Slashes AirPods Max Prices by 20% Ahead of Prime Day

Say Hello to Avatar: The Last Airbender‘s New Toph

What a Writer’s Strike Means for Viewers at Home