CVE-2017-15719

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-15719
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15719.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-15719
Aliases
Published
2018-03-12T13:29:00.273Z
Modified
2026-04-10T03:58:11.161855Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor.

References

Affected packages

Git / github.com/sebfz1/wicket-jquery-ui

Affected ranges

Type
GIT
Repo
https://github.com/sebfz1/wicket-jquery-ui
Events
Introduced
dcb51ab95a979c336ce9db02c6df499fe8fb1b4f
Last affected
d007deedccfc44d764c15e8fe5a21a0f117bd51e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
be7daa360d40c5f32f78a36ef056ab28e953d4d6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6e23299b7e8584f11eb59bdb881c503b761f76d0
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9e9812701cab87a5246103043514a9c12727c746
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
93916b14c6675026c312548dd025309fe956bc3d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0ac4b91214f02441d2c5cd7b9f43d4312f7f7d60
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c6b20d7709583198d213611ff41e3a8b0c23c023
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
43655bfabdaf774584399a763e8a273c602521b7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7c6c1a90c9909fe00ba75313e5437c94a6280f2a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
92251f85676b6c32e42c7125aca61e4b3a83fac5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b799a5b167f903dd412aca8de0c4edbd132a11cb
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c0db1cd28ef55c31d9444473f026a1fb8552d042
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
763bffc0e5f58c181a04a2409923d2f13f7a4825
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
785db9d63cbf55d49462d4933e2c27dfd5bd6b89
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
53a6ca70799172721442304131089eb54d599174
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
745dd937856559ce496fa079092161dc00f4f5b3
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
fccb06c12578dfe23d7f02f74cb90ebeda53e60c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
8fb5c3b5a63ef916a47692043362a36e2405f40d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d7dbbf95ca1989e1d6c5d1a2918f7dd5212c44df
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
60d133c01f41b4e6911301781f96cd8dd53e0d15
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f817324d7f0907bc3e874250c4001b42ba02da35
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
27ec110466650a04592eee40baf18b81d11f5a92
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
43a6e22a97127a6c0de2e82dc27199cc4ed88f28
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e4b61aeee0326657c4f9ab94a8c0d65cb818a39d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1f72799a83fc1d0b0531b8a06265e204f14c0ff0
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6d34d8eff34db14ff0127187d315071967b5346e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d211ff0b347796f6dccc45575ac58d036da8bae9
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c624024c67389bfd924b3c21c670c3e5923c9424
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a258779fa13b60cadb14434aed513acb776c7ce4
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
380e5e536ac678c1c31a2816614dbbd235edadba
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
261bda97e77bbc23b06574969509bf53b62ef265
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
60d133c01f41b4e6911301781f96cd8dd53e0d15
Database specific 
{
    "versions": [
        {
            "introduced": "6.0.0"
        },
        {
            "last_affected": "6.28.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.0-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.0-milestone3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.0-milestone4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.0-milestone5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.0-milestone6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.1.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.2.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.2.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.3.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.3.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.4.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.5.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.8.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.9.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.9.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.0-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.0-milestone1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.0-milestone1\\.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.0-milestone2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.0-milestone3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.0-milestone4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.0-milestone4\\.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.0-milestone5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.0-milestone6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.0-milestone7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.0-milestone8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.9.1"
        }
    ]
}

Affected versions

jquery-ui-parent-1.*
jquery-ui-parent-1.2.1
wicket-jquery-1.*
wicket-jquery-1.4.2
wicket-jquery-ui-1.*
wicket-jquery-ui-1.2.0
wicket-jquery-ui-1.2.2
wicket-jquery-ui-1.3.0
wicket-jquery-ui-1.3.1
wicket-jquery-ui-1.4.0
wicket-jquery-ui-1.4.1
wicket-jquery-ui-6.*
wicket-jquery-ui-6.10.0
wicket-jquery-ui-6.12.0
wicket-jquery-ui-6.13.0
wicket-jquery-ui-6.13.1
wicket-jquery-ui-6.14.0
wicket-jquery-ui-6.15.0
wicket-jquery-ui-6.16.0
wicket-jquery-ui-6.17.0
wicket-jquery-ui-6.18.0
wicket-jquery-ui-6.18.1
wicket-jquery-ui-6.19.0
wicket-jquery-ui-6.19.1
wicket-jquery-ui-6.20.0
wicket-jquery-ui-6.20.1
wicket-jquery-ui-6.20.2
wicket-jquery-ui-6.20.3
wicket-jquery-ui-6.21.0
wicket-jquery-ui-6.21.1
wicket-jquery-ui-6.21.2
wicket-jquery-ui-6.22.0
wicket-jquery-ui-6.22.1
wicket-jquery-ui-6.22.2
wicket-jquery-ui-6.23.0
wicket-jquery-ui-6.24.0
wicket-jquery-ui-6.25.0
wicket-jquery-ui-6.26.0
wicket-jquery-ui-6.27.0
wicket-jquery-ui-6.28.0
wicket-jquery-ui-6.7.0
wicket-jquery-ui-6.8.0
wicket-jquery-ui-6.8.1
wicket-jquery-ui-6.9.0
wicket-jquery-ui-6.9.1
wicket-jquery-ui-7.*
wicket-jquery-ui-7.0.0
wicket-jquery-ui-7.0.0-M3
wicket-jquery-ui-7.0.0-M4
wicket-jquery-ui-7.0.0-M5
wicket-jquery-ui-7.0.0-M6
wicket-jquery-ui-7.0.1
wicket-jquery-ui-7.0.2
wicket-jquery-ui-7.1.0
wicket-jquery-ui-7.2.0
wicket-jquery-ui-7.2.1
wicket-jquery-ui-7.3.0
wicket-jquery-ui-7.3.1
wicket-jquery-ui-7.4.0
wicket-jquery-ui-7.5.0
wicket-jquery-ui-7.6.0
wicket-jquery-ui-7.7.0
wicket-jquery-ui-7.8.0
wicket-jquery-ui-7.9.0
wicket-jquery-ui-8.*
wicket-jquery-ui-8.0.0
wicket-jquery-ui-8.0.0-M1
wicket-jquery-ui-8.0.0-M1.1
wicket-jquery-ui-8.0.0-M2
wicket-jquery-ui-8.0.0-M3
wicket-jquery-ui-8.0.0-M4
wicket-jquery-ui-8.0.0-M4.1
wicket-jquery-ui-8.0.0-M5
wicket-jquery-ui-8.0.0-M6
wicket-jquery-ui-8.0.0-M7
wicket-jquery-ui-8.0.0-M8
wicket-jquery-ui-8.0.0-M8.1
wicket-jquery-ui-8.0.0-M9
wicket-jquery-ui-8.0.0-M9.1
wicket-jquery-ui-8.0.0-M9.2
wicket-jquery-ui-parent-6.*
wicket-jquery-ui-parent-6.11.0
wicket-jquery-ui-parent-7.*
wicket-jquery-ui-parent-7.9.1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15719.json"