Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGroup and (2) CheckBoxMultipleChoice classes in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 allow remote attackers to inject arbitrary web script or HTML via a crafted "value" attribute in a <input> element.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Wicket 跨站脚本漏洞
Vulnerability Description
Apache Wicket是美国阿帕奇(Apache)软件基金会的一套开源、轻量、基于组件的框架,它提供了一种面向对象的方式来开发基于Web的动态UI应用程序。 Apache Wicket的RadioGroup和CheckBoxMultipleChoice类中存在跨站脚本漏洞。远程攻击者可借助input元素中特制的‘value’属性利用该漏洞注入任意Web脚本或HTML。以下版本受到影响:Apache Wicket 1.5.15之前1.5.x版本,6.22.0之前6.x版本,7.2.0之前7.x版本。
CVSS Information
N/A
Vulnerability Type
N/A