Java Deserialization Vulnerability in ZAP Viewstate Add-on
1 view
Skip to first unread message
Simon Bennetts
10:56 AM (2 hours ago) 10:56 AM
to ZAP User Group
An Insecure Java Deserialization vulnerability has been reported in a ZAP add-on via Neo by ProjectDiscovery.
Update your ZAP add-ons now, and definitely update from older versions of ZAP.
Update your ZAP add-ons now, and definitely update from older versions of ZAP.
For more details see: https://www.zaproxy.org/blog/2026-06-24-java-deserialization-vulnerability-in-zap-viewstate-addon/
Let us know if you have any questions about this vulnerability.
Many thanks,
Simon
Reply all
Reply to author
Forward
0 new messages