CVE-2007-6672

Severity CVSS v4.0:
Pending analysis
Type:
CWE-22 Path Traversal
Publication date:
08/01/2008
Last modified:
09/04/2025

Description

Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:mortbay_jetty:jetty:6.1.5:*:*:*:*:*:*:*
cpe:2.3:a:mortbay_jetty:jetty:6.1.6:*:*:*:*:*:*:*