CVE-2012-3373 - Apache Wicket XSS vulnerability
Vendor: The Apache Software Foundation
Versions Affected: Apache Wicket 1.4.x and 1.5.x
Apache Wicket 6.0.0 is not affected.
Credit: This issue was reported by Thomas Heigl.