Published: 10/02/2014 Updated: 11/02/2014
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Unspecified vulnerability in Apache Wicket 1.4.x prior to 1.4.23, 1.5.x prior to 1.5.11, and 6.x prior to 6.8.0 allows remote malicious users to obtain sensitive information via vectors that cause raw HTML templates to be rendered without being processed and reading the information that is outside of wicket:panel markup.