Monday, January 8, 2007

DWR

DWR - Easy Ajax for Java.

The DWR (Direct Web Remoting) project is an open source solution, released under the Apache license, for developers who want to use AJAX and XMLHttpRequest in an easy way. It allows JavaScript in a browser to interact with a Java servlet that runs on the server. The servlet processes the requests that arrive from clients and sends back responses. Deploying DWR is pretty simple: it comes as a single jar file, and you need to add a few lines to your web.xml. In the web page you add <script> tags to indicate which classes you wish to import, and you can then call the Java code directly from JavaScript.
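The deployment described above, as an added example that is not part of the original post, with the browser-callable surface kept narrow (debug page off, one class, one method). The class com.example.QuoteService, the script name Quotes, the method getQuote and the /app context path are hypothetical; the servlet class shown is the DWR 2.x name (DWR 1.x uses uk.ltd.getahead.dwr.DWRServlet).

```xml
<!-- Fragment of WEB-INF/web.xml: register the DWR servlet. -->
<servlet>
  <servlet-name>dwr-invoker</servlet-name>
  <servlet-class>org.directwebremoting.servlet.DwrServlet</servlet-class>
  <init-param>
    <!-- Keep the debug/test pages off outside development; they list
         every exported class and let a visitor invoke its methods. -->
    <param-name>debug</param-name>
    <param-value>false</param-value>
  </init-param>
</servlet>
<servlet-mapping>
  <servlet-name>dwr-invoker</servlet-name>
  <url-pattern>/dwr/*</url-pattern>
</servlet-mapping>

<!-- Fragment of WEB-INF/dwr.xml: what the browser is allowed to call.
     Anything not listed under <allow> is not exported. -->
<dwr>
  <allow>
    <!-- Hypothetical class, exported to JavaScript as "Quotes". -->
    <create creator="new" javascript="Quotes">
      <param name="class" value="com.example.QuoteService"/>
      <!-- Export only the method the page needs; every other public
           method on the class stays unreachable from the client. -->
      <include method="getQuote"/>
    </create>
  </allow>
</dwr>

<!-- In the web page (hypothetical context path /app), the script tags
     that import the exported class and the DWR engine:

     <script src="/app/dwr/interface/Quotes.js"></script>
     <script src="/app/dwr/engine.js"></script>

     after which page script can call Quotes.getQuote(callback). -->
```

Every method exported this way is reachable by any client that can send requests to /dwr/*, so it needs the same input validation and authorization checks as any other public endpoint.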

The Imperva Application Defense Center has found a vulnerability in DWR. For more details check out here. So think twice before using DWR for your web application, as Denial of Service attacks and other security vulnerabilities are possible.
