CVE-2017-15719

Summary

In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationWicket jQuery UI<= 6.28.0affected
Apache Software FoundationWicket jQuery UI<= 7.9.1affected
Apache Software FoundationWicket jQuery UI<= 8.0.0-M8affected

Weaknesses

  • XSS

ADP Enrichment

CVE Program Container

Additional References

References