5 matches found
CVE-2024-27439
A flaw was found in Apache Wicket. Under certain circumstances, this flaw allows an attacker to bypass Cross-Site Request Forgery CSRF protections...
CVE-2024-27439
An error in the evaluation of the fetch metadata headers could allow a bypass of the CSRF protection in Apache Wicket. This issue affects Apache Wicket: from 9.1.0 through 9.16.0, and the milestone releases for the 10.0 series. Apache Wicket 8.x does not support CSRF protection via the fetch...
CVE-2024-27439 Apache Wicket: Possible bypass of CSRF protection
An error in the evaluation of the fetch metadata headers could allow a bypass of the CSRF protection in Apache Wicket. This issue affects Apache Wicket: from 9.1.0 through 9.16.0, and the milestone releases for the 10.0 series. Apache Wicket 8.x does not support CSRF protection via the fetch...
CVE-2024-27439 Apache Wicket: Possible bypass of CSRF protection
An error in the evaluation of the fetch metadata headers could allow a bypass of the CSRF protection in Apache Wicket. This issue affects Apache Wicket: from 9.1.0 through 9.16.0, and the milestone releases for the 10.0 series. Apache Wicket 8.x does not support CSRF protection via the fetch...
CVE-2024-27439
CVE-2024-27439 affects Apache Wicket. An error in the evaluation of the fetch metadata headers could allow bypassing CSRF protections. The issue is present in Wicket releases 9.1.0 through 9.16.0 and the milestone 10.0 series; Wicket 8.x is not affected. Upgrading to Wicket 9.17.0 or 10.0.0 fixes...