Описание
Mortbay Jetty vulnerable to Cross-site scripting
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-5613
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
- http://www.kb.cert.org/vuls/id/237888
Пакеты
Наименование
org.mortbay.jetty:jetty
maven
Затронутые версииВерсия исправления
< 6.1.6
6.1.6
Связанные уязвимости
nvd
почти 18 лет назад
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
debian
почти 18 лет назад
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Je ...