VulnerableCode Package Details - pkg:maven/com.googlecode.wicket-jquery-ui/wicket-jquery-ui-parent@6.9.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/com.googlecode.wicket-jquery-ui/wicket-jquery-ui-parent@6.9.0

Essentials
History (2)

purl	pkg:maven/com.googlecode.wicket-jquery-ui/wicket-jquery-ui-parent@6.9.0

Next non-vulnerable version	6.29.1
Latest non-vulnerable version	8.1.0
Risk	3.1

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-hbr4-z556-dqg1 Aliases: CVE-2018-1325 GHSA-pjv3-rh6v-2pj8	Cross-site Scripting In Apache wicket-jquery-ui JS code created in WYSIWYG editor will be executed on display.	6.29.1 Affected by 0 other vulnerabilities. 7.10.2 Affected by 0 other vulnerabilities. 8.0.0-M1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 8.0.0-M9.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 8.1.0 Affected by 0 other vulnerabilities.
VCID-yzaa-nh54-jbhy Aliases: CVE-2017-15719 GHSA-pwpc-hqq2-hx2x	Cross-site Scripting A security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor.	6.28.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 7.9.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 8.0.0-M8.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 8.0.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-hbr4-z556-dqg1
Aliases:
CVE-2018-1325
GHSA-pjv3-rh6v-2pj8

Cross-site Scripting In Apache wicket-jquery-ui JS code created in WYSIWYG editor will be executed on display.

6.29.1
Affected by 0 other vulnerabilities.

7.10.2
Affected by 0 other vulnerabilities.

8.0.0-M1
Affected by 1 other vulnerability.

8.0.0-M9.2
Affected by 1 other vulnerability.

8.1.0
Affected by 0 other vulnerabilities.

VCID-yzaa-nh54-jbhy
Aliases:
CVE-2017-15719
GHSA-pwpc-hqq2-hx2x

Cross-site Scripting A security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor.

6.28.1
Affected by 1 other vulnerability.

7.9.2
Affected by 1 other vulnerability.

8.0.0-M8.1
Affected by 1 other vulnerability.

8.0.0
Affected by 1 other vulnerability.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-04T20:11:53.391383+00:00	GitLab Importer	Affected by	VCID-hbr4-z556-dqg1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.googlecode.wicket-jquery-ui/wicket-jquery-ui-parent/CVE-2018-1325.yml	38.6.0
2026-06-04T20:11:27.224316+00:00	GitLab Importer	Affected by	VCID-yzaa-nh54-jbhy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.googlecode.wicket-jquery-ui/wicket-jquery-ui-parent/CVE-2017-15719.yml	38.6.0