Candidate: CVE-2009-1524
PublicDate: 2009-05-05 17:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1524
Description:
 Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before 6.1.17
 allows remote attackers to inject arbitrary web script or HTML via a
 directory listing request containing a ; (semicolon) character.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_jetty:
upstream_jetty: released (6.1.17)
dapper_jetty: ignored (reached end-of-life)
hardy_jetty: ignored (reached end-of-life)
intrepid_jetty: needed (reached end-of-life)
jaunty_jetty: ignored (reached end-of-life)
karmic_jetty: not-affected (6.1.20-2)
lucid_jetty: not-affected (6.1.20-2)
maverick_jetty: not-affected (6.1.20-2)
natty_jetty: not-affected (6.1.20-2)
oneiric_jetty: not-affected (6.1.20-2)
devel_jetty: not-affected (6.1.20-2)