CVE-2002-1533

描述

Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (`%0a`).

受影響套件(1)

• Maven/org.mortbay.jetty:jettyfrom 0, < 4.1.1

參考連結(4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2002-1533
• WEBhttps://web.archive.org/web/20040705203137/http://xforce.iss.net/xforce/xfdb/10219
• WEBhttps://web.archive.org/web/20041213153950/http://archives.neohapsis.com/archives/bugtraq/2002-09/0337.html
• WEBhttps://web.archive.org/web/20061020173202/http://www.securityfocus.com/bid/5821