{"uuid": "d54950f5-c6c7-4f14-ae66-2c4837f9ab49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11976", "type": "seen", "source": "https://t.me/cibsecurity/14052", "content": "ATENTION\u203c New - CVE-2020-11976\n\nBy crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and 9.0.0-M5\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-11T22:55:30.000000Z"}