CVE-2014-3526
Apache Wicket is vulnerable to information disclosure in versions prior to 1.5.12, 6.x prior to 6.17.0, and 7.x prior to 7.0.0-M3. The issue allows remote attackers to obtain sensitive information via identifiers used for storing page markup during temporary user sessions. Connected sources confi...