{"vulnerability": "CVE-2024-27439", "sightings": [{"uuid": "b1c1ae11-9968-4e8e-8277-0f2dc7c6099c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27439", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4314", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27439\n\ud83d\udd25 CVSS Score: 6.4 (CVSS_V3)\n\ud83d\udd39 Description: An error in the evaluation of the fetch metadata headers could allow a bypass of the CSRF protection in Apache Wicket.\nThis issue affects Apache Wicket: from 9.1.0 through 9.16.0, and the milestone releases for the 10.0 series.\nApache Wicket 8.x does not support CSRF protection via the fetch metadata headers and as such is not affected.\n\nUsers are recommended to upgrade to version 9.17.0 or 10.0.0, which fixes the issue.\n\ud83d\udccf Published: 2024-03-19T12:30:40Z\n\ud83d\udccf Modified: 2025-02-13T19:05:24Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-27439\n2. https://github.com/apache/wicket\n3. https://lists.apache.org/thread/o825rvjjtmz3qv21ps5k7m2w9193g1lo\n4. http://www.openwall.com/lists/oss-security/2024/03/19/2", "creation_timestamp": "2025-02-13T19:16:42.000000Z"}, {"uuid": "8f813612-eed6-4fa9-9971-e11bc7cdba53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27439", "type": "seen", "source": "https://t.me/ctinow/211819", "content": "https://ift.tt/JAunbtO\nCVE-2024-27439", "creation_timestamp": "2024-03-19T18:31:46.000000Z"}, {"uuid": "b21a666f-b290-4331-b69a-a1a69b6768bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27439", "type": "seen", "source": "https://t.me/ctinow/211402", "content": "https://ift.tt/ZjBo69t\nCVE-2024-27439", "creation_timestamp": "2024-03-19T12:31:22.000000Z"}, {"uuid": "02aeee38-3141-4634-b4fe-9ac95c571a3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27439", "type": "seen", "source": "https://t.me/ctinow/211399", "content": "https://ift.tt/ZjBo69t\nCVE-2024-27439", "creation_timestamp": "2024-03-19T12:26:52.000000Z"}]}