SHARE
CORE IMPACT v9 - Exploits Update (Thu Sep 24 2009)
Jetty Directory Listing Cross Site Scripting Exploit
Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities []
• Thu Sep 24 2009
A Cross-Site scripting vulnerability has been reported in Jetty. This vulnerability can be induced whenever Jetty displays a web directory listing. Client-side script code can be included in the HTTP response by appending it next to directory listing's path, preceded by a ';' character.
Exploits Vulnerabiltiy: CVE-2009-1524