Vulnerability in Apache Wicket
CVE-2013-2055
Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x before 1.5.11, and 6.x before 6.8.0 allows remote attackers to obtain sensitive information via vectors that cause raw HTML templates to be rendered without being proces…
EPSS: 0.016 (82.2th percentile) — read the EPSS interpretation.
Affected products
- Apache Wicket — versions 1.4.0, 1.4.1, 1.4.10
- N/a — versions n/a
References
- 20140206 [CVE-2013-2055] Apache Wicket information disclosure vulnerability (mailing-list, x_refsource_FULLDISC)
- secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)
- 102955 (x_refsource_OSVDB, vdb-entry)
- secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)
- 65431 (vdb-entry, x_refsource_BID)