CVE-2018-1325

In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display.
References
Link Resource
https://markmail.org/message/6bxjyaolehhq7jrl Mailing List Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:7.0.0:-:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:7.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:7.0.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:7.0.0:milestone5:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:7.0.0:milestone6:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:-:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone1.1:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone4.1:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone5:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone6:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone7:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone8:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:*:*:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:*:*:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone8.1:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone9:*:*:*:*:*:*
cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone9.1:*:*:*:*:*:*

Information

Published : 2018-04-18 07:29

Updated : 2019-06-12 02:37


NVD link : CVE-2018-1325

Mitre link : CVE-2018-1325

Products Affected
No products.
CWE