Lucene search
Veracode Vulnerability DatabaseVERACODE:7359HistoryAug 27, 2018 - 6:30 a.m.
Cross-Site Scripting (XSS)
2018-08-2706:30:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.003 Low
EPSS
Percentile
68.7%
Mort Bay jetty is vulnerable to cross-site scripting (XSS). The server response from a directory listing request is not sanitized and allows an attacker to inject arbitrary Javascript into a victim’s browser via a ; (semicolon) character.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jetty server | le | 6.0.0beta17 | |
| jetty server | le | 6.1.16 | |
| jetty utilities | le | 6.1.16 |
References
itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388
jira.codehaus.org/browse/JETTY-980
secunia.com/advisories/34975
secunia.com/advisories/40553
www.securityfocus.com/bid/34800
www.vupen.com/english/advisories/2010/1792
bugzilla.redhat.com/show_bug.cgi?id=499867
github.com/jetty-project/codehaus-jetty6/commit/d215fa63efd8bdd8248e616d8b5bb32bbc67562d
Related
nvd
nvd
CVE-2009-1524
2009-05-05 17:30:00
nessus
nessus
Apache Hadoop Jetty XSS
2011-08-24 00:00:00
VMware vCenter Update Manager XSS
2010-07-29 00:00:00
Fedora 10 : jetty-5.1.15-3.fc10 (2009-5513)
2009-05-27 00:00:00
ubuntucve
ubuntucve
CVE-2009-1524
2009-05-05 00:00:00
prion
prion
Cross site scripting
2009-05-05 17:30:00
cvelist
cvelist
CVE-2009-1524
2009-05-05 17:00:00
cve
cve
CVE-2009-1524
2009-05-05 17:30:00
openvas
openvas
Fedora Core 11 FEDORA-2009-5509 (jetty)
2009-06-05 00:00:00
Fedora Core 9 FEDORA-2009-5500 (jetty)
2009-06-05 00:00:00
Fedora Core 10 FEDORA-2009-5513 (jetty)
2009-06-05 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: jetty-5.1.15-4.fc11
2009-05-26 07:56:18
[SECURITY] Fedora 10 Update: jetty-5.1.15-3.fc10
2009-05-26 07:57:22
[SECURITY] Fedora 9 Update: jetty-5.1.15-3.fc9
2009-05-26 07:55:49
vmware
vmware
securityvulns
securityvulns
