CVE-2016-6806

🗓️ 02 Oct 2017 13:00:00Reported by apacheType

Apache Wicket CSRF prevention issu

Reporter	Title	Published	Views	Family All 8
CNVD	Apache Wicket CSRF Vulnerability	24 Oct 201700:00	–	cnvd
CVE	CVE-2016-6806	2 Oct 201713:00	–	cve
EUVD	EUVD-2016-7700	7 Oct 202500:30	–	euvd
Github Security Blog	Apache Wicket vulnerable to CSRF attacks	17 May 202200:31	–	github
NVD	CVE-2016-6806	3 Oct 201701:29	–	nvd
OpenVAS	Apache Wicket CSRF Detection Vulnerability (Nov 2016)	10 Oct 201700:00	–	openvas
OSV	GHSA-XC66-MG8R-Q6R5 Apache Wicket vulnerable to CSRF attacks	17 May 202200:31	–	osv
Prion	Cross site request forgery (csrf)	3 Oct 201701:29	–	prion

[
  {
    "product": "Apache Wicket",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "6.20.0"
      },
      {
        "status": "affected",
        "version": "6.21.0"
      },
      {
        "status": "affected",
        "version": "6.22.0"
      },
      {
        "status": "affected",
        "version": "6.23.0"
      },
      {
        "status": "affected",
        "version": "6.24.0"
      },
      {
        "status": "affected",
        "version": "7.0.0"
      },
      {
        "status": "affected",
        "version": "7.1.0"
      },
      {
        "status": "affected",
        "version": "7.2.0"
      },
      {
        "status": "affected",
        "version": "7.3.0"
      },
      {
        "status": "affected",
        "version": "7.4.0"
      },
      {
        "status": "affected",
        "version": "8.0.0-M1"
      }
    ]
  }
]

Source	Link
lists	www.lists.apache.org/thread.html/074b72585f4b7c6adda1af52aecbfe1be23c6d6f5bb9382270f059cd%40%3Cannounce.apache.org%3E

02 Oct 2017 12:57Current

8.7High risk

Vulners AI Score8.7

EPSS0.00206