Lucene search
Veracode Vulnerability DatabaseVERACODE:13521HistoryMar 25, 2019 - 8:40 a.m.
Cross-Site Scripting (XSS)
2019-03-2508:40:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Mort Bay Jetty is vulnerable to cross-site scripting. A remote attacker is able to inject arbitrary web script or HTML via the query string to jsp/dump.jsp in the JSP Dump feature, the Name and Value parameter in the default URI for the Session Dump Servlet under session/.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jetty server | le | 7.0.0.pre5 |
Related
prion
prion
Cross site scripting
2010-01-13 20:30:00
ubuntucve
ubuntucve
CVE-2009-4610
2010-01-13 00:00:00
cve
cve
CVE-2009-4610
2010-01-13 20:30:00
openvas
openvas
Mort Bay Jetty Multiple Vulnerabilities
2010-02-02 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related for VERACODE:13521