Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2012-5636

Disclosure Date: October 30, 2017 (last updated November 26, 2024)
Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.22, 1.5.x before 1.5.10, and 6.x before 6.4.0 might allow remote attackers to inject arbitrary web script or HTML via vectors related to <script> tags in a rendered response.
0
0
Attacker Value
Unknown

CVE-2014-3526

Disclosure Date: October 30, 2017 (last updated November 26, 2024)
Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M3 might allow remote attackers to obtain sensitive information via vectors involving identifiers for storing page markup for temporary user sessions.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0