Description

jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations.

Remediation

References

http://securitytracker.com/id?1016168

Related Vulnerabilities

CVE-2023-50101 Vulnerability in maven package com.jfinal:jfinal

CVE-2022-21830 Vulnerability in npm package @rocket.chat/livechat

CVE-2013-6397 Vulnerability in maven package org.apache.solr:solr-core

CVE-2020-8192 Vulnerability in npm package fastify

CVE-2022-22912 Vulnerability in npm package plist

Severity

Critical

Tags

Exploit NVD-CWE-Other