CVE-2012-1089

2012-03-23T18:55:00
ID CVE-2012-1089
Type cve
Reporter cve@mitre.org
Modified 2017-12-13T02:29:00

Description

Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.