CVE-2007-6672
Mortbay Jetty Double Slash URI Information Disclosure Vulnerability
EPSS 1.1%
Description
Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple `/` (slash) characters in the URI.
How to fix CVE-2007-6672
To remediate CVE-2007-6672, upgrade the affected package to a fixed version below.
- Maven/org.mortbay.jetty:jetty—upgrade to 6.1.7 or later
Is CVE-2007-6672 being exploited?
Low — EPSS is 1.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- >= 6.1.5, < 6.1.7