CVE-2006-2759

Improper Input Validation in Mortbay Jetty in maven/org.mortbay.jetty/jetty

Identifiers

GHSA-mq4x-8whh-jx73, CVE-2006-2759

Package Slug

maven/org.mortbay.jetty/jetty

Vulnerability

Improper Input Validation in Mortbay Jetty

Description

jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations.

Affected Versions

All versions before 6.0.0

Solution

Upgrade to version 6.0.0 or above.

Last Modified

2022-06-15

source