Vulnerabilities > CVE-2013-2055 - Unspecified vulnerability in Apache Wicket

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

apache

NVD

Published: 2014-02-10

Updated: 2024-11-21

Summary

Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x before 1.5.11, and 6.x before 6.8.0 allows remote attackers to obtain sensitive information via vectors that cause raw HTML templates to be rendered without being processed and reading the information that is outside of wicket:panel markup.

Vulnerable Configurations

Part	Description	Count
Application	Apache Apache Wicket 6.1.1 Apache Wicket 1.5.10 Apache Wicket 6.4.0 Apache Wicket 1.5.6 Apache Wicket 1.5.5 Apache Wicket 6.5.0 Apache Wicket 1.4.14 Apache Wicket 6.7.0 Apache Wicket 6.3.0 Apache Wicket 1.4.12 Apache Wicket 1.4.17 Apache Wicket 1.4.0 Apache Wicket 6.8.0 Apache Wicket 1.4.20 Apache Wicket 1.5.7 Apache Wicket 1.5.2 Apache Wicket 6.2.0 Apache Wicket 1.4.15 Apache Wicket 1.4.21 Apache Wicket 1.5.1 Apache Wicket 1.4.11 Apache Wicket 1.5.0 Apache Wicket 1.5.4 Apache Wicket 1.4.1 Apache Wicket 1.4.18 Apache Wicket 6.1.0 Apache Wicket 1.4.22 Apache Wicket 1.5.3 Apache Wicket 1.4.10 Apache Wicket 1.4.19 Apache Wicket 6.6.0 Apache Wicket 1.4.16 Apache Wicket 1.4.13 Apache Wicket 1.5.9 Apache Wicket 1.5.8	35

Summary

Vulnerable Configurations

References