Количество 2
Количество 2
CVE-2020-11976
By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and 9.0.0-M5
GHSA-64gv-3pqv-299h
Exposure of Sensitive Information to an Unauthorized Actor in Apache Wicket
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-11976 By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and 9.0.0-M5 | CVSS3: 7.5 | 2% Низкий | больше 5 лет назад |
| GHSA-64gv-3pqv-299h Exposure of Sensitive Information to an Unauthorized Actor in Apache Wicket | CVSS3: 7.5 | 2% Низкий | почти 5 лет назад |
Уязвимостей на страницу