CVE-2005-3747

EPSS 19.4%

Mortbay Jetty Discloses JSP Source Code

發布日:2022/5/1修改日:2024/11/28

描述

Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash (`%5C`) characters. NOTE: this might be the same issue as CVE-2006-2758.

受影響套件(1)

Maven/org.mortbay.jetty:jettyfrom 0, < 5.1.6

參考連結(4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2005-3747
WEBhttp://sourceforge.net/project/shownotes.php?release_id=372086&group_id=7322
WEBhttp://www.securityfocus.com/archive/1/450315/100/0/threaded
WEBhttp://www.securityfocus.com/bid/15515