Mort Bay Jetty is vulnerable to command injection. An attacker can submit an input containing special characters that are copied to stack traces printed to jetty log when an exception is raised due to a error in parsing user input. When log file is viewed in a terminal that understands special escape sequences, the character sequence are executed.
CPE | Name | Operator | Version |
---|---|---|---|
jetty server | le | 7.0.0.pre5 |