Description
jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations.
Remediation
References
http://securitytracker.com/id?1016168
Related Vulnerabilities
CVE-2018-9206 Vulnerability in maven package org.webjars.npm:blueimp-file-upload
CVE-2019-10806 Vulnerability in npm package vega-util
CVE-2023-48087 Vulnerability in maven package com.xuxueli:xxl-job-admin
CVE-2020-6426 Vulnerability in npm package electron
CVE-2018-19048 Vulnerability in maven package org.webjars:simditor