CVE-2009-3579

Name of the Vulnerable Software and Affected Versions Mort Bay Jetty versions 6.1.19 through 6.1.20

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the Value parameter in a GET request to the "cookie/" endpoint.

Recommendations For Mort Bay Jetty versions 6.1.19 and 6.1.20, consider restricting access to the cookie/ endpoint to minimize the risk of exploitation. Avoid using the Value parameter in the affected GET request until the issue is resolved.