3 matches found
GHSA-QMGJ-5H75-JR67 Jetty Directory Traversal Vulnerability
Directory traversal vulnerability in jetty 6.0.x jetty6 beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c encoded ../ in the URL. NOTE: this might be the same issue as CVE-2005-3747...
CVE-2006-2758
CVE-2006-2758 is a directory traversal vulnerability in Jetty 6.0.x (jetty6) beta16. A remote attacker can read arbitrary files by using an encoded path like %2e%2e%5c (../) in the URL, potentially impacting confidentiality. The issue is noted to possibly be the same as CVE-2005-3747. The connect...
CVE-2005-3747
Jetty (web server/container) affected by CVE-2005-3747: Unspecified vulnerability in Jetty before 5.1.6 could allow remote attackers to obtain the source code of JSP pages, potentially by requesting .jsp files with URL-encoded backslash characters ("%5C"). The issue is noted as possibly the same ...