GHSA-5mq8-h82p-wjf2
Suggest an improvement- Source
- https://github.com/advisories/GHSA-5mq8-h82p-wjf2
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-5mq8-h82p-wjf2/GHSA-5mq8-h82p-wjf2.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-5mq8-h82p-wjf2
- Aliases
-
- CVE-2002-1533
- Published
- 2022-04-30T18:21:21Z
- Modified
- 2024-11-28T05:41:39.980409Z
- Summary
- Jetty Javascript Inclusion Vulnerability
- Details
-
Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (
%0a). - Database specific
{ "nvd_published_at": "2003-03-31T05:00:00Z", "cwe_ids": [ "CWE-80" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-02-12T20:43:18Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2002-1533
- https://web.archive.org/web/20040705203137/http://xforce.iss.net/xforce/xfdb/10219
- https://web.archive.org/web/20041213153950/http://archives.neohapsis.com/archives/bugtraq/2002-09/0337.html
- https://web.archive.org/web/20061020173202/http://www.securityfocus.com/bid/5821
Affected packages
Maven / org.mortbay.jetty:jetty
Package
- Name
- org.mortbay.jetty:jetty
- View open source insights on deps.dev
- Purl
- pkg:maven/org.mortbay.jetty/jetty