Описание
Jetty Javascript Inclusion Vulnerability
Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-1533
- https://web.archive.org/web/20040705203137/http://xforce.iss.net/xforce/xfdb/10219
- https://web.archive.org/web/20041213153950/http://archives.neohapsis.com/archives/bugtraq/2002-09/0337.html
- https://web.archive.org/web/20061020173202/http://www.securityfocus.com/bid/5821
Пакеты
Наименование
org.mortbay.jetty:jetty
maven
Затронутые версииВерсия исправления
< 4.1.1
4.1.1
Связанные уязвимости
nvd
больше 22 лет назад
Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a).
debian
больше 22 лет назад
Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine a ...