VYPR
Unrated severityNVD Advisory· Published Oct 7, 2009· Updated Jun 16, 2026

CVE-2009-3579

CVE-2009-3579

Description

Cross-site scripting (XSS) vulnerability in the CookieDump.java sample application in Mort Bay Jetty 6.1.19 and 6.1.20 allows remote attackers to inject arbitrary web script or HTML via the Value parameter in a GET request to cookie/.

Affected products

3
  • Apache/Jetty2 versions
    cpe:2.3:a:mortbay:jetty:6.1.19:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mortbay:jetty:6.1.19:*:*:*:*:*:*:*
    • cpe:2.3:a:mortbay:jetty:6.1.20:*:*:*:*:*:*:*
  • Eclipse/Jettyllm-create
    Range: 6.1.19, 6.1.20

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.