CVE-2007-5613
NONECross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
Published: 12/5/2007Updated: 4/9/2025
Description
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
AI AnalysisPowered by AI
Affected Products
mortbay_jettyjetty
1.0
mortbay_jettyjetty
2.4
mortbay_jettyjetty
3.0
mortbay_jettyjetty
3.1
mortbay_jettyjetty
4.0
mortbay_jettyjetty
4.1
mortbay_jettyjetty
4.2
mortbay_jettyjetty
5
mortbay_jettyjetty
5.1
mortbay_jettyjetty
6
mortbay_jettyjetty
6.1
References
- http://jira.codehaus.org/browse/JETTY-452Patch
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
- http://osvdb.org/42497
- http://secunia.com/advisories/27925
- http://secunia.com/advisories/30941
- http://secunia.com/advisories/35143
- http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt
- http://www.kb.cert.org/vuls/id/237888US Government Resource
- http://www.securityfocus.com/bid/26697
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html
- http://jira.codehaus.org/browse/JETTY-452Patch
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
- http://osvdb.org/42497
- http://secunia.com/advisories/27925
- http://secunia.com/advisories/30941
- http://secunia.com/advisories/35143
- http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt
- http://www.kb.cert.org/vuls/id/237888US Government Resource
- http://www.securityfocus.com/bid/26697