CVE-2012-0047

CWE-79Cross-site Scripting (XSS)4 documents4 sources
Severity
4.3MEDIUM
EPSS
1.2%
top 21.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Wicket
Timeline
PublishedMar 23
Latest updateMay 4

Description

Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the wicket:pageMapName parameter.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDapache/wicket20 versions+19

🔴Vulnerability Details

2
GHSA
GHSA-r42r-qp3r-xgf7: Cross-site scripting (XSS) vulnerability in Apache Wicket 12022-05-04
CVEList
CVE-2012-0047: Cross-site scripting (XSS) vulnerability in Apache Wicket 12012-03-23

💬Community

1
Bugzilla
CVE-2011-0047 mediawiki: multiple vulnerabilities corrected in mediawiki 1.16.2 [epel-4]2011-02-01
CVE-2012-0047 (MEDIUM CVSS 4.3) | Cross-site scripting (XSS) vulnerab | cvebase.io