GHSA-qmgj-5h75-jr67, CVE-2006-2758
maven/org.mortbay.jetty/jetty
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2005-3747.
All versions up to 6.0.beta16
Unfortunately, there is no solution available yet.
2024-02-13
source |