{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T11:50:15.954","vulnerabilities":[{"cve":{"id":"CVE-2018-1325","sourceIdentifier":"security@apache.org","published":"2018-04-18T19:29:00.893","lastModified":"2024-11-21T03:59:37.890","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display."},{"lang":"es","value":"En Apache wicket-jquery-ui, en versiones iguales o anteriores a la 6.29.0, 7.10.1 o 8.0.0-M9.1, el código creado en el editor WYSIWYG se ejecutará en pantalla."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.29.0","matchCriteriaId":"089FF22F-4FEB-498C-99D9-ADCCB8714D9D"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.1","versionEndIncluding":"7.10.1","matchCriteriaId":"C870CC21-EF2A-4D97-82D3-8555674CABC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:7.0.0:-:*:*:*:*:*:*","matchCriteriaId":"9D57EDC2-BA93-4648-8822-93F59B5E6F6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:7.0.0:milestone3:*:*:*:*:*:*","matchCriteriaId":"3749CF94-44FA-4888-9BA4-FE4CCE53C7B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:7.0.0:milestone4:*:*:*:*:*:*","matchCriteriaId":"33FC7B1E-DAC4-4D75-BBA7-187E407E4D40"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:7.0.0:milestone5:*:*:*:*:*:*","matchCriteriaId":"79DF88C0-876D-4A74-8CD3-985829BFDF87"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:7.0.0:milestone6:*:*:*:*:*:*","matchCriteriaId":"2A255DCF-54BB-427B-A1BB-34E1C9F8B9BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:-:*:*:*:*:*:*","matchCriteriaId":"B81CA3E0-CBCE-4E00-9595-1F00B467E6CA"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone1:*:*:*:*:*:*","matchCriteriaId":"222E321F-DCB5-438F-974A-7D55066F4F63"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone1.1:*:*:*:*:*:*","matchCriteriaId":"89217C79-B140-45CB-947A-FC1979735D9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone2:*:*:*:*:*:*","matchCriteriaId":"C58BF87E-49A1-48D8-82AB-3406AC0BEC61"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone3:*:*:*:*:*:*","matchCriteriaId":"7FAF829A-1DB7-43B6-8DCB-5C6202240D65"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone4:*:*:*:*:*:*","matchCriteriaId":"8EFA1D57-5440-481B-AA73-FC5E78C9DD11"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone4.1:*:*:*:*:*:*","matchCriteriaId":"C82DD8B2-EDCE-49D1-A72D-C89EAEBA606F"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone5:*:*:*:*:*:*","matchCriteriaId":"DBA8F3BD-67C7-4552-8829-65F026D01A07"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone6:*:*:*:*:*:*","matchCriteriaId":"A11606C1-4C50-4D39-BA99-D97B7B8862F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone7:*:*:*:*:*:*","matchCriteriaId":"37528AC9-D2A7-4984-BA13-4657F476FABA"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone8:*:*:*:*:*:*","matchCriteriaId":"44CB866A-45AC-4D4C-8B27-7B8415F14BDE"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone8.1:*:*:*:*:*:*","matchCriteriaId":"5C108C41-122F-4B72-83CF-1C89A3A2DDB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone9:*:*:*:*:*:*","matchCriteriaId":"28A393CF-5859-4B01-9DE6-0143F7823124"},{"vulnerable":true,"criteria":"cpe:2.3:a:wicket-jquery-ui_project:wicket-jquery-ui:8.0.0:milestone9.1:*:*:*:*:*:*","matchCriteriaId":"C844DA8B-51A8-4CE8-9F03-884AFF0E4C9F"}]}]}],"references":[{"url":"https://markmail.org/message/6bxjyaolehhq7jrl","source":"security@apache.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://markmail.org/message/6bxjyaolehhq7jrl","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}}]}