Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2009-4610

🗓️ 13 Jan 2010 20:00:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 75 Views🌐 WEB

CVE-2009-4610 Multiple XSS vulnerabilities in Mort Bay Jetty 6.x and 7.0.

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Provision to add https and Secure Flag to bayeux_browser cookie for IBM Control Desk.
19 Sep 202220:54
ibm
IBM Security Bulletins		Security Bulletin: Jetty vulnerabilities found in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2011-4461, CVS-2009-4612, CVE-2009-4611, CVE-2009-4610, CVS-2009-4609, CVE-2009-1524, CVE-2009-1523)
11 Feb 202018:29
ibm
Circl		CVE-2009-4610
26 Oct 200900:00
circl
Cvelist		CVE-2009-4610
13 Jan 201020:00
cvelist
EUVD		EUVD-2009-4576
7 Oct 202500:30
euvd
NVD		CVE-2009-4610
13 Jan 201020:30
nvd
OpenVAS		Mort Bay Jetty 6.0.0 - 7.0.0 Multiple Vulnerabilities - Active Check
2 Feb 201000:00
openvas
Prion		Cross site scripting
13 Jan 201020:30
prion
UbuntuCve		CVE-2009-4610
13 Jan 201020:30
ubuntucve
Veracode		Cross-Site Scripting (XSS)
25 Mar 201908:40
veracode
Rows per page
NVD
Node
mortbayjettyMatch6.0.0
OR
mortbayjettyMatch6.0.0alpha0
OR
mortbayjettyMatch6.0.0alpha1
OR
mortbayjettyMatch6.0.0alpha2
OR
mortbayjettyMatch6.0.0alpha3
OR
mortbayjettyMatch6.0.0beta0
OR
mortbayjettyMatch6.0.0beta1
OR
mortbayjettyMatch6.0.0beta10
OR
mortbayjettyMatch6.0.0beta11
OR
mortbayjettyMatch6.0.0beta12
OR
mortbayjettyMatch6.0.0beta14
OR
mortbayjettyMatch6.0.0beta15
OR
mortbayjettyMatch6.0.0beta16
OR
mortbayjettyMatch6.0.0beta17
OR
mortbayjettyMatch6.0.0beta2
OR
mortbayjettyMatch6.0.0beta3
OR
mortbayjettyMatch6.0.0beta4
OR
mortbayjettyMatch6.0.0beta5
OR
mortbayjettyMatch6.0.0beta6
OR
mortbayjettyMatch6.0.0beta7
OR
mortbayjettyMatch6.0.0beta8
OR
mortbayjettyMatch6.0.0beta9
OR
mortbayjettyMatch6.0.0betax
OR
mortbayjettyMatch6.0.0rc0
OR
mortbayjettyMatch6.0.0rc1
OR
mortbayjettyMatch6.0.0rc2
OR
mortbayjettyMatch6.0.0rc3
OR
mortbayjettyMatch6.0.0rc4
OR
mortbayjettyMatch6.0.1
OR
mortbayjettyMatch6.0.2
OR
mortbayjettyMatch6.1.0
OR
mortbayjettyMatch6.1.0pre0
OR
mortbayjettyMatch6.1.0pre1
OR
mortbayjettyMatch6.1.0pre2
OR
mortbayjettyMatch6.1.0pre3
OR
mortbayjettyMatch6.1.0rc0
OR
mortbayjettyMatch6.1.0rc1
OR
mortbayjettyMatch6.1.0rc2
OR
mortbayjettyMatch6.1.0rc3
OR
mortbayjettyMatch6.1.1
OR
mortbayjettyMatch6.1.1rc0
OR
mortbayjettyMatch6.1.2
OR
mortbayjettyMatch6.1.2pre0
OR
mortbayjettyMatch6.1.2pre1
OR
mortbayjettyMatch6.1.2rc0
OR
mortbayjettyMatch6.1.2rc1
OR
mortbayjettyMatch6.1.2rc2
OR
mortbayjettyMatch6.1.2rc3
OR
mortbayjettyMatch6.1.2rc4
OR
mortbayjettyMatch6.1.2rc5
OR
mortbayjettyMatch6.1.3
OR
mortbayjettyMatch6.1.4
OR
mortbayjettyMatch6.1.4rc0
OR
mortbayjettyMatch6.1.4rc1
OR
mortbayjettyMatch6.1.5
OR
mortbayjettyMatch6.1.5rc0
OR
mortbayjettyMatch6.1.6
OR
mortbayjettyMatch6.1.6rc0
OR
mortbayjettyMatch6.1.6rc1
OR
mortbayjettyMatch6.1.7
OR
mortbayjettyMatch6.1.8
OR
mortbayjettyMatch6.1.9
OR
mortbayjettyMatch6.1.10
OR
mortbayjettyMatch6.1.11
OR
mortbayjettyMatch6.1.12
OR
mortbayjettyMatch6.1.12rc1
OR
mortbayjettyMatch6.1.12rc2
OR
mortbayjettyMatch6.1.12rc3
OR
mortbayjettyMatch6.1.12rc4
OR
mortbayjettyMatch6.1.12rc5
OR
mortbayjettyMatch6.1.14
OR
mortbayjettyMatch6.1.15
OR
mortbayjettyMatch6.1.15pre0
OR
mortbayjettyMatch6.1.15rc2
OR
mortbayjettyMatch6.1.15rc3
OR
mortbayjettyMatch6.1.15rc4
OR
mortbayjettyMatch6.1.15rc5
OR
mortbayjettyMatch6.1.16
OR
mortbayjettyMatch6.1.19
OR
mortbayjettyMatch6.1.20
OR
mortbayjettyMatch7.0.0
ParameterPositionPathDescriptionCWE
query_stringquery paramjsp/dump.jspXSS via the query string to the JSP Dump feature (jsp/dump.jsp) and arbitrary script/HTML injection.CWE-79
Namequery paramsession/XSS via Name or Value parameter to the default URI for the Session Dump Servlet under session/CWE-79
Valuequery paramsession/XSS via Name or Value parameter to the default URI for the Session Dump Servlet under session/CWE-79

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
23 Apr 2026 00:35Current
5.2Medium risk
Vulners AI Score5.2
CVSS 24.3
EPSS0.00389
CWE-79
cve-2009-4610xssmort bay jettycross-site scriptingvulnerabilitiessecuritynvd
75