Wicket 1.5.16 released

05 Aug 2016

This is the sixteenth maintenance release of the Wicket 1.5.x series. This release brings over 2 bug fixes.

CHANGELOG for 1.5.16:


  • CVE-2013-2186: Disable (de)serialization of Commons FileUpload items.
  • CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability

To use in Maven:


Download the full distribution (including sources)