CVE-2014-3526

Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M3 might allow remote attackers to obtain sensitive information via vectors involving identifiers for storing page markup for temporary user sessions.
References
Link Resource
https://wicket.apache.org/news/2014/09/22/cve-2014-3526.html Issue Tracking Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:wicket:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.11.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.10.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.7.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.13.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.14.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.8.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.15.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.12.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.16.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.9.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.6.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.9.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:7.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:7.0.0:milestone2:*:*:*:*:*:*

Information

Published : 2017-10-30 07:29

Updated : 2019-12-11 14:12


NVD link : CVE-2014-3526

Mitre link : CVE-2014-3526


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

apache

  • wicket