From 46e4d47d9231776e747a21a510e933c4ebb14e9c Mon Sep 17 00:00:00 2001 From: Noam Rathaus Date: Wed, 9 Jun 2021 09:43:04 +0300 Subject: [PATCH] Another reference --- ...vlet-double-decoding-information-disclosure-vulnerability.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vulnerabilities/other/jetty-utility-servlets-concatservlet-double-decoding-information-disclosure-vulnerability.yml b/vulnerabilities/other/jetty-utility-servlets-concatservlet-double-decoding-information-disclosure-vulnerability.yml index fcaa5e2d31..cb7e67f6c3 100644 --- a/vulnerabilities/other/jetty-utility-servlets-concatservlet-double-decoding-information-disclosure-vulnerability.yml +++ b/vulnerabilities/other/jetty-utility-servlets-concatservlet-double-decoding-information-disclosure-vulnerability.yml @@ -6,6 +6,7 @@ info: severity: high reference: | - https://github.com/eclipse/jetty.project/security/advisories/GHSA-gwcr-j4wh-j3cq + - https://github.com/eclipse/jetty.project/security/advisories/GHSA-v7ff-8wcx-gmc5 description: | Requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory. For example a request to the ConcatServlet with a URI of /concat?/%2557EB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.
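Review bot: The added reference line (GHSA-v7ff-8wcx-gmc5) has nothing in the description or in the commit subject ("Another reference") that ties it to what this template checks. The file name and the description are specific to the ConcatServlet/WelcomeFilter double-decoding access to WEB-INF, with `/concat?/%2557EB-INF/web.xml` as the example. Please confirm that the second advisory covers that same behaviour, and say so in the commit message. If it describes a different path-handling issue, it belongs in its own template, so that a match here is not attributed to the wrong advisory during triage. A smaller point on the context lines: the entries sit under `reference: |`, so they are parsed as one multi-line string rather than a YAML list. The new line matches the existing indentation and `- ` prefix, which is what matters if that format is intended.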