CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

CVE•added 2012/03/23 6:0 p.m.•55 views

CVE-2012-0047

The CVE affects Apache Wicket 1.4.x, vulnerable to XSS via the wicket:pageMapName request parameter. The root cause is improper handling of this parameter, enabling remote script/HTML injection. Affected versions: 1.4.x prior to 1.4.20. The vulnerability is mitigated by upgrading to Apache Wicket...

4.3CVSS5.9AI score0.03002EPSS

Exploits1References5Affected Software1

seebug.org•added 2012/03/23 12:0 a.m.•47 views

Apache Wicket 'pageMapName'参数跨站脚本执行漏洞

BUGTRAQ ID: 52680 CVE ID: CVE-2012-0047 Wicket 提供了一种面向对象的方式来开发基于 Web 的动态 UI 应用程序。 Apache Wicket在操作‘wicket:pageMapName’请求参数值时可能存在XSS攻击，可被利用执行任意脚本代码。 0 Apache Group Wicket 1.4.18 Apache Group Wicket 1.4.17 Apache Group Wicket 1.4.16 Apache Group Wicket 1.4.15 厂商补丁： Apache Group ------------...

4.3CVSS6.5AI score0.03002EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by