jetty is vulnerable to information disclosure attacks. The vulnerability exists due to the ability for users to read arbitrary source code of jsp
files by specifying a capital P
in jsp
when requesting a page.
CPE | Name | Operator | Version |
---|---|---|---|
jetty server | le | 6.0.0beta16 | |
jetty server | le | 6.0.0 |