CVE-2024-36522 | Apache Wicket up to 8.15.0/9.17.0/10.0.0 XSLTResourceStream.java injection

Posted by Angelo Barbosa | Jul 12, 2024 | CVE

A vulnerability classified as critical has been found in Apache Wicket up to 8.15.0/9.17.0/10.0.0. Affected is an unknown function of the file XSLTResourceStream.java. The manipulation leads to injection.

This vulnerability is traded as CVE-2024-36522. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36522 | Apache Wicket up to 8.15.0/9.17.0/10.0.0 XSLTResourceStream.java injection

Related Posts

CVE-2023-48690 | Project Worlds Railway Reservation System 1.0 train.php bynum sql injection

CVE-2024-4898 | InstaWP Connect Plugin up to 0.1.0.38 on WordPress API authorization

CVE-2023-7152 | MicroPython 1.21.0/1.22.0-preview extmod/modselect.c poll_set_add_fd use after free

CVE-2024-36406 | SalesAgility SuiteCRM up to 7.14.3/8.6.0 redirect (GHSA-hcw8-p37h-8hrv)