Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe
Filtered by product Fortress
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11976 1 Apache 2 Fortress, Wicket 2024-11-21 5.0 MEDIUM 7.5 HIGH
By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and 9.0.0-M5