Monthly archive for March 2016

CVE-2015-5347 Apache Wicket XSS vulnerability

01 Mar 2016

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Wicket 1.5.x, 6.x and 7.x

Description:

It is possible for JavaScript statements to break out of a ModalWindow’s title - only quotes are escaped in the JavaScrip...

more

CVE-2015-7520 Apache Wicket XSS vulnerability

02 Mar 2016

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Wicket 1.5.x, 6.x and 7.x

Description:

It is possible for JavaScript statements to break out...

more
js29金沙