CVE-2014-0043 - Apache Wicket Information disclosure vulnerability
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: Apache Wicket 1.5.10 and 6.13.0
Description:
By issuing requests to special urls handled by Wicket it is possible to check for the existence of particular classes in the classpath and thus check whether a third party library with a known security vulnerability is in use.
The application developers are recommended to upgrade to:
Credit: This issue was reported by Christian Schneider!
Apache Wicket Team