CVE-2007-5613
NONECross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
Publicado: 12/5/2007Atualizado: 4/9/2025
Descrição
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
Análise IADesenvolvido por IA
Produtos Afetados
mortbay_jettyjetty
1.0
mortbay_jettyjetty
2.4
mortbay_jettyjetty
3.0
mortbay_jettyjetty
3.1
mortbay_jettyjetty
4.0
mortbay_jettyjetty
4.1
mortbay_jettyjetty
4.2
mortbay_jettyjetty
5
mortbay_jettyjetty
5.1
mortbay_jettyjetty
6
mortbay_jettyjetty
6.1
Referências
- http://jira.codehaus.org/browse/JETTY-452Patch
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
- http://osvdb.org/42497
- http://secunia.com/advisories/27925
- http://secunia.com/advisories/30941
- http://secunia.com/advisories/35143
- http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt
- http://www.kb.cert.org/vuls/id/237888US Government Resource
- http://www.securityfocus.com/bid/26697
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html
- http://jira.codehaus.org/browse/JETTY-452Patch
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
- http://osvdb.org/42497
- http://secunia.com/advisories/27925
- http://secunia.com/advisories/30941
- http://secunia.com/advisories/35143
- http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt
- http://www.kb.cert.org/vuls/id/237888US Government Resource
- http://www.securityfocus.com/bid/26697