CVE-2020-11976
CVE-2020-11976 describes an information-disclosure vulnerability in Apache Wicket: by using a specially crafted URL an attacker can cause Wicket to deliver unprocessed HTML templates, potentially exposing sensitive data embedded in templates. Affected versions are 7.16.0, 8.8.0, and 9.0.0-M5. The...