Directory Traversal

2018-11-1307:08:22

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

EPSS

0.006

Percentile

78.0%

JSON

jetty is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization of values in the file path, allowing %2e%2e%5c to be interpreted as ../, hence serving the requested files and causing directory traversal attacks.