Java Deserialization Vulnerability in ZAP Viewstate Add-on

14 views
Skip to first unread message

Simon Bennetts

unread,
Jun 24, 2026, 10:56:14 AMJun 24
to ZAP User Group
An Insecure Java Deserialization vulnerability has been reported in a ZAP add-on via Neo by ProjectDiscovery.

Update your ZAP add-ons now, and definitely update from older versions of ZAP.


Let us know if you have any questions about this vulnerability.

Many thanks,

Simon
Reply all
Reply to author
Forward
0 new messages