Moderate severityNVD Advisory· Published Dec 5, 2007· Updated Jun 16, 2026
CVE-2007-5613
CVE-2007-5613
Description
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.mortbay.jetty:jettyMaven | < 6.1.6 | 6.1.6 |
Affected products
12cpe:2.3:a:mortbay_jetty:jetty:1.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:mortbay_jetty:jetty:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:5:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:6:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:6.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
13- jira.codehaus.org/browse/JETTY-452nvdPatch
- github.com/advisories/GHSA-8h77-9vh5-hw5gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2007-5613ghsaADVISORY
- lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.htmlnvdWEB
- www.kb.cert.org/vuls/id/237888nvdUS Government ResourceWEB
- www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.htmlnvdWEB
- www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.htmlnvdWEB
- osvdb.org/42497nvd
- secunia.com/advisories/27925nvd
- secunia.com/advisories/30941nvd
- secunia.com/advisories/35143nvd
- svn.codehaus.org/jetty/jetty/trunk/VERSION.txtnvd
- www.securityfocus.com/bid/26697nvd
News mentions
0No linked articles in our index yet.