jetty is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization of values in the file path, allowing %2e%2e%5c
to be interpreted as ../
, hence serving the requested files and causing directory traversal attacks.