Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGroup and (2) CheckBoxMultipleChoice classes in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 allow remote attackers to inject arbitrary web script or HTML via a crafted "value" attribute in a <input> element.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T07:51:28.374Z
Reserved: 2015-09-29T00:00:00
Link: CVE-2015-7520

No data.

Status : Modified
Published: 2016-04-12T17:59:01.217
Modified: 2024-11-21T02:36:55.433
Link: CVE-2015-7520

No data.