Jetty Cross Site Scripting and Information Disclosure Vulnerabilities

Jetty Cross Site Scripting and Information Disclosure Vulnerabilities

References:

Upgrade the Jetty Web server embedded in VMware vCenter Update Manager by using (VMware)
0.7.11 Release (I2P)
Jetty Homepage (Jetty)
Jetty HTTP server directory traversal vulnerability (US-CERT)
Security / Directory Listing XSS present (Codehaus)
Vulnerability in ResourceHandler and DefaultServlet with aliases (Codehaus)
Oracle Critical Patch Update Advisory - July 2009 (Oracle)

Privacy Statement
Copyright 2010, SecurityFocus