Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2011-2712

Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.6%
CVSS Severity
CVSS v2 Score 2.6
Products affected by CVE-2011-2712
  • Apache » Wicket » Version: 1.4.0
    cpe:2.3:a:apache:wicket:1.4.0
  • Apache » Wicket » Version: 1.4.1
    cpe:2.3:a:apache:wicket:1.4.1
  • Apache » Wicket » Version: 1.4.10
    cpe:2.3:a:apache:wicket:1.4.10
  • Apache » Wicket » Version: 1.4.11
    cpe:2.3:a:apache:wicket:1.4.11
  • Apache » Wicket » Version: 1.4.12
    cpe:2.3:a:apache:wicket:1.4.12
  • Apache » Wicket » Version: 1.4.13
    cpe:2.3:a:apache:wicket:1.4.13
  • Apache » Wicket » Version: 1.4.14
    cpe:2.3:a:apache:wicket:1.4.14
  • Apache » Wicket » Version: 1.4.15
    cpe:2.3:a:apache:wicket:1.4.15
  • Apache » Wicket » Version: 1.4.16
    cpe:2.3:a:apache:wicket:1.4.16
  • Apache » Wicket » Version: 1.4.17
    cpe:2.3:a:apache:wicket:1.4.17
  • Apache » Wicket » Version: 1.4.2
    cpe:2.3:a:apache:wicket:1.4.2
  • Apache » Wicket » Version: 1.4.3
    cpe:2.3:a:apache:wicket:1.4.3
  • Apache » Wicket » Version: 1.4.4
    cpe:2.3:a:apache:wicket:1.4.4
  • Apache » Wicket » Version: 1.4.5
    cpe:2.3:a:apache:wicket:1.4.5
  • Apache » Wicket » Version: 1.4.6
    cpe:2.3:a:apache:wicket:1.4.6
  • Apache » Wicket » Version: 1.4.7
    cpe:2.3:a:apache:wicket:1.4.7
  • Apache » Wicket » Version: 1.4.8
    cpe:2.3:a:apache:wicket:1.4.8
  • Apache » Wicket » Version: 1.4.9
    cpe:2.3:a:apache:wicket:1.4.9


Contact Us

Shodan ® - All rights reserved