You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
... the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents.
I suppose we don't use DefaultServlet nor ResourceHandler configured for showing a Listing of directory contents. @electrum do we?
(This is not to say we shouldn't upgrade. I'm just trying to understand the situation better.)
Jetty 9.4.14.v20181114 has security vulnerabilities where the server is vulnerable to XSS conditions.
https://www.cvedetails.com/cve/CVE-2019-10241/
The text was updated successfully, but these errors were encountered: