3 matches found
Apache Wicket insecure defaults
Apache Wicket before 1.5.13, 6.x before 6.19.0, and 7.x before 7.0.0-M5 make it easier for attackers to defeat a cryptographic protection mechanism and predict encrypted URLs by leveraging use of CryptoMapper as the default encryption provider...
GHSA-VFMM-JM4V-7FRQ Apache Wicket insecure defaults
Apache Wicket before 1.5.13, 6.x before 6.19.0, and 7.x before 7.0.0-M5 make it easier for attackers to defeat a cryptographic protection mechanism and predict encrypted URLs by leveraging use of CryptoMapper as the default encryption provider...
Apache Wicket Cross-Site Request Forgery Vulnerability
Apache Wicket is the United States Apache Apache Software Foundation , a set of open source , lightweight , component-based framework , which provides an object-oriented way to develop Web-based dynamic UI applications . A security vulnerability exists in Apache Wicket. An attacker can exploit th...