Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:13521
HistoryMar 25, 2019 - 8:40 a.m.

Cross-Site Scripting (XSS)

2019-03-2508:40:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11

0.001 Low

EPSS

Percentile

45.9%

JSON

Mort Bay Jetty is vulnerable to cross-site scripting. A remote attacker is able to inject arbitrary web script or HTML via the query string to jsp/dump.jsp in the JSP Dump feature, the Name and Value parameter in the default URI for the Session Dump Servlet under session/.

CPENameOperatorVersion
jetty serverle7.0.0.pre5

Related

cve 1
prion 1
nvd 1
cvelist 1
ubuntucve 1
openvas 1
ibm 2
cve
cve
CVE-2009-4610
2022-10-03 16:24:04
prion
prion
Cross site scripting
2010-01-13 20:30:00
nvd
nvd
CVE-2009-4610
2010-01-13 20:30:00
cvelist
cvelist
CVE-2009-4610
2022-10-03 16:24:04
ubuntucve
ubuntucve
CVE-2009-4610
2010-01-13 00:00:00
openvas
openvas
Mort Bay Jetty 6.0.0 - 7.0.0 Multiple Vulnerabilities - Active Check
2010-02-02 00:00:00
ibm
ibm
Security Bulletin: Jetty vulnerabilities found in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2011-4461, CVS-2009-4612, CVE-2009-4611, CVE-2009-4610, CVS-2009-4609, CVE-2009-1524, CVE-2009-1523)
2020-02-11 18:29:33
Security Bulletin: Provision to add https and Secure Flag to bayeux_browser cookie for IBM Control Desk.
2022-09-19 20:54:31

0.001 Low

EPSS

Percentile

45.9%

JSON
Related for VERACODE:13521
cve1prion1nvd1cvelist1ubuntucve1openvas1ibm2