Mortbay Jetty: >> Jetty >> 2.4 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
CVSS Score
4.3
EPSS Score
0.052
Published
2007-12-05
Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.035
Published
2007-12-05