CVE-2017-15719

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-15719

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-15719.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-15719

Aliases

GHSA-pwpc-hqq2-hx2x

Published

2018-03-12T13:29:00.273Z

Modified

2026-02-12T00:03:41.297641Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor.

References

Affected packages

Git / github.com/sebfz1/wicket-jquery-ui

Affected ranges

Type: GIT
Repo: https://github.com/sebfz1/wicket-jquery-ui
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

be7daa360d40c5f32f78a36ef056ab28e953d4d6

Introduced

dcb51ab95a979c336ce9db02c6df499fe8fb1b4f

Last affected

d007deedccfc44d764c15e8fe5a21a0f117bd51e

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-15719.json"