CVE-2005-3747

EPSS 19.4%

Mortbay Jetty Discloses JSP Source Code

Published: 5/1/2022Modified: 11/28/2024

Description

Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash (`%5C`) characters. NOTE: this might be the same issue as CVE-2006-2758.

Affected packages (1)

Maven/org.mortbay.jetty:jettyfrom 0, < 5.1.6

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2005-3747
WEBhttp://sourceforge.net/project/shownotes.php?release_id=372086&group_id=7322
WEBhttp://www.securityfocus.com/archive/1/450315/100/0/threaded
WEBhttp://www.securityfocus.com/bid/15515