← Volver a CVEs

CVE-2013-2055

N/A

Descripcion

Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x before 1.5.11, and 6.x before 6.8.0 allows remote attackers to obtain sensitive information via vectors that cause raw HTML templates to be rendered without being processed and reading the information that is outside of wicket:panel markup.

Detalles CVE

Puntuacion CVSS v3.1N/A

Publicado2/10/2014

Ultima modificacion4/29/2026

Fuentenvd

Avistamientos honeypot0

Productos afectados

apache:wicket

Referencias

http://osvdb.org/102955(secalert@redhat.com)

http://seclists.org/fulldisclosure/2014/Feb/38(secalert@redhat.com)

http://www.securityfocus.com/bid/65431(secalert@redhat.com)

https://wicket.apache.org/2013/05/17/wicket-6.8.0-released.html(secalert@redhat.com)

https://wicket.apache.org/2014/02/06/cve-2013-2055.html(secalert@redhat.com)

http://osvdb.org/102955(af854a3a-2127-422b-91ae-364da2661108)

http://seclists.org/fulldisclosure/2014/Feb/38(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/65431(af854a3a-2127-422b-91ae-364da2661108)

https://wicket.apache.org/2013/05/17/wicket-6.8.0-released.html(af854a3a-2127-422b-91ae-364da2661108)

https://wicket.apache.org/2014/02/06/cve-2013-2055.html(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.