Remove @
parent
ada8a26e51
commit
8b07f85819
|
@ -2,7 +2,7 @@ id: CVE-2021-34429
|
|||
|
||||
info:
|
||||
name: Eclipse Jetty - Information Disclosure
|
||||
author: @bernardofsr, @am0nt31r0
|
||||
author: bernardofsr,am0nt31r0
|
||||
severity: medium
|
||||
description: |
|
||||
Eclipse Jetty 9.4.37-9.4.42, 10.0.1-10.0.5 and 11.0.1-11.0.5 are susceptible to improper authorization. URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5.
|
||||
|
|
Loading…
Reference in New Issue