Vulnerabilities > CVE-2002-1533 - Cross-Site Scripting vulnerability in Jetty 4.1.0Rc4

047910
CVSS 5.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
jetty
exploit available

Summary

Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a).

Vulnerable Configurations

Part Description Count
Application
Jetty
1

Exploit-Db

descriptionJetty 4.1 Servlet Engine Cross Site Scripting Vulnerability. CVE-2002-1533. Webapps exploit for jsp platform
idEDB-ID:21875
last seen2016-02-02
modified2002-09-28
published2002-09-28
reporterSkinnay
sourcehttps://www.exploit-db.com/download/21875/
titleJetty 4.1 Servlet Engine Cross-Site Scripting Vulnerability