Lucene search
GitHub Advisory DatabaseGHSA-CWQ3-QP8V-W8Q3HistoryMay 01, 2022 - 2:20 a.m.
Mortbay Jetty Discloses JSP Source Code
2022-05-0102:20:38
CWE-200
GitHub Advisory Database
github.com
6
mortbay jetty
vulnerability
jsp
source code
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.011
Percentile
84.6%
Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash (%5C) characters. NOTE: this might be the same issue as CVE-2006-2758.
Affected configurations
Node
org.mortbay.jettyjettyRange<5.1.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| org.mortbay.jetty | jetty | * | cpe:2.3:a:org.mortbay.jetty:jetty:*:*:*:*:*:*:*:* |
Related
github
github
Jetty Directory Traversal Vulnerability
2022-05-01 07:02:10
cvelist
cvelist
CVE-2006-2758
2006-06-02 01:00:00
CVE-2005-3747
2005-11-22 11:00:00
nvd
nvd
CVE-2006-2758
2006-06-02 01:02:00
CVE-2005-3747
2005-11-22 11:03:00
cve
cve
CVE-2006-2758
2006-06-02 01:02:00
CVE-2005-3747
2005-11-22 11:03:00
prion
prion
Directory traversal
2006-06-02 01:02:00
osv
osv
Mortbay Jetty Discloses JSP Source Code
2022-05-01 02:20:38
Jetty Directory Traversal Vulnerability
2022-05-01 07:02:10
exploitdb
exploitdb
promise webpam 2.2.0.13 - Multiple Vulnerabilities
2012-03-07 00:00:00
veracode
veracode
Directory Traversal
2018-11-14 00:52:53
Directory Traversal
2018-11-13 07:08:22
nessus
nessus
HP-UX PHSS_35436 : s700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update
2006-11-22 00:00:00
HP-UX PHSS_35437 : s700_800 11.04 Webproxy server 2.1 (Apache 2.x) update
2006-11-22 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.011
Percentile
84.6%
Related for GHSA-CWQ3-QP8V-W8Q3