.jekyll-cache/Jekyll/Cache/Jekyll--Converters--Markdown/3c/28f4b95ea6d630ab776da2d5fbb228df2c1187bd051d4ebec6f2e8faab52e5 - wicket-site - Git at Google

 I"|<p>Severity: Important</p>

 <p>Vendor:
 The Apache Software Foundation</p>

 <p>Versions Affected:
 Apache Wicket 1.4.x</p>

 <p>Apache Wicket 1.3.x and 1.5.x are not affected</p>

 <p>Description:
 A Cross Site Scripting (XSS) attack is possible by manipulating the
 value of ‘wicket:pageMapName’ request parameter.</p>

 <p>Mitigation:
 Upgrade to <a href="http://wicket.apache.org/news/2012/03/12/wicket-1.4.20-released.html">Apache Wicket 1.4.20</a> or
 <a href="http://wicket.apache.org/news/2012/03/12/wicket-1.5.5-released.html">Apache Wicket 1.5.5</a></p>

 <p>Credit:
 This issue was discovered by Jens Schenck and Stefan Schmidt.</p>
 :ET
	I"\|<p>Severity: Important</p>

	<p>Vendor:
	The Apache Software Foundation</p>

	<p>Versions Affected:
	Apache Wicket 1.4.x</p>

	<p>Apache Wicket 1.3.x and 1.5.x are not affected</p>

	<p>Description:
	A Cross Site Scripting (XSS) attack is possible by manipulating the
	value of ‘wicket:pageMapName’ request parameter.</p>

	<p>Mitigation:
	Upgrade to <a href="http://wicket.apache.org/news/2012/03/12/wicket-1.4.20-released.html">Apache Wicket 1.4.20</a> or
	<a href="http://wicket.apache.org/news/2012/03/12/wicket-1.5.5-released.html">Apache Wicket 1.5.5</a></p>

	<p>Credit:
	This issue was discovered by Jens Schenck and Stefan Schmidt.</p>
	:ET