|Title:||Jetty Cross Site Scripting and Information Disclosure Vulnerabilities|
|Summary:||Determine if Jetty is vulnerable to XSS and Information Disclosure|
Jetty is prone to a cross-site scripting vulnerability and an
An attacker may leverage these issues to execute arbitrary script
code in the browser of an unsuspecting user in the context of the
affected site, steal cookie-based authentication credentials, and
obtain sensitive information.
Jetty 6.1.16 and prior versions are affected.
The vendor has released an update. See http://jetty.mortbay.org/jetty/index.html
for more information.
BugTraq ID: 34800|
Common Vulnerability Exposure (CVE) ID: CVE-2009-1523
HPdes Security Advisory: HPSBMA02553
HPdes Security Advisory: SSRT100184
CERT/CC vulnerability note: VU#402580
BugTraq ID: 35675
|Copyright||This script is Copyright (C) 2009 Greenbone Networks GmbH|
|This is only one of 56160 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.