Multiple Vulnerabilities in Apache Wicket Allow Security Bypass, XSS, Information Disclosure, and Data Manipulation

72% confidence

Description

An attacker can exploit multiple vulnerabilities in Apache Wicket to bypass security measures, perform cross-site scripting (XSS) attacks, disclose confidential information, or manipulate data.

Affected Products

Vendor	Product	Versions
the apache software foundation	apache wicket	—

Related News (1 articles)

Tier B

BSI Advisories2h ago

[NEU] [hoch] Apache Wicket: Mehrere Schwachstellen

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

CWECWE-79, CWE-200, CWE-284

PublishedMay 6, 2026

Last enriched2h ago

Multiple Vulnerabilities in Apache Wicket Allow Security Bypass, XSS, Information Disclosure, and Data Manipulation

Description

Affected Products

Related News (1 articles)

Community Vote

Related CVEs (1)

Pin to Dashboard

Verification

Vulnerability Timeline