Mort Bay Jetty Dump Servlet (webapps/test/jsp/dump.jsp) XSS

medium Nessus Plugin ID 29219

Synopsis

The remote web server contains a JSP application that is affected by a cross-site scripting vulnerability.

Description

The remote instance of Mort Bay Jetty includes a test servlet, 'webapps/test/jsp/dump.jsp', that fails to sanitize user-supplied input before using it to generate dynamic content. An unauthenticated, remote attacker may be able to leverage this issue to inject arbitrary HTML or script code into a user's browser to be executed within the security context of the affected site.

Similar issues reportedly exist with the 'webapps/snoop.jsp'' servlet as well as Jetty itself, although Nessus did not check for them.

Solution

Remove the Test webapp if operating in a production environment and upgrade to Mort Bay Jetty 6.1.6 or later.

See Also

http://jira.codehaus.org/browse/JETTY-452

http://www.nessus.org/u?f964c0d9

Plugin Details

Severity: Medium

ID: 29219

File Name: jetty_dump_cookie_xss.nasl

Version: 1.20

Type: remote

Published: 12/5/2007

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:mortbay:jetty

Exploit Ease: No exploit is required

Reference Information

CVE: CVE-2007-5613

BID: 26697

CWE: 79

CERT: 237888