Apache Wicket 1.4.x XSS Vulnerability with setAutomaticMultiWindowSupport
CVE-2011-2712 · LOW Severity
AV:N/AC:H/AU:N/C:N/I:P/A:N
Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
Learn more about our Cis Benchmark Audit For Apache Http Server.