Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 31/03/2003 Updated: 05/09/2008

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 585

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote malicious users to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a).

Vulnerable Product	Search on Vulmon	Subscribe to Product
jetty jetty 4.1.0_rc4

source: wwwsecurityfocuscom/bid/5821/info Jetty is a freely available, open source Java Web Server and Servlet Container It is available for Linux, Unix, and Microsoft Windows platforms It has been reported that Jetty does not properly sanitize requests This could result in a user clicking a malicious link that would execute script or ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2002-09/0337.html http://www.securityfocus.com/bid/5821 http://www.iss.net/security_center/static/10219.php https://nvd.nist.gov https://www.exploit-db.com/exploits/21875/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-1533

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect