Monthly archive for March 2012

Wicket 1.4.20 released

12 Mar 2012

This is twentieth release of the Wicket 1.4.x series. This is primarily a minor bugfix release on the 1.4.x (stable) branch.

<dependency>
    <grou...
more

Wicket 1.5.5 released

12 Mar 2012

This is the fifth maintenance release of the Wicket 1.5.x series. This release brings over 50 bug fixes and improvements.

<dependency>
    <groupId>org.apache.w...
more

CVE-2012-0047 - Apache Wicket XSS vulnerability via pageMapName request parameter

22 Mar 2012

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Wicket 1.4.x

Apache Wicket 1.3.x and 1.5.x are not affected

Description: A Cross Site Scripting (XSS) attack is possible by manipulating the...

more

CVE-2012-1089 - Apache Wicket serving of hidden files vulnerability

22 Mar 2012

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Wicket 1.4.x and 1.5.x

Description: It is possible to view the content of any file of a web application by using an Url to a Wicket resource which resolves to a ‘null’ package. With such a Url the attacker can request the content of any file by specifying...

more

Wicket 6.0.0-beta1 released

26 Mar 2012

The Wicket team is proud to announce the first beta release of the Wicket 6.x series. This release brings over many improvements over the 1.5.x series.

Check the roadmap with a list ...

more