mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-25 00:14:09 +02:00
0xMarcio
1.3 KiB
1.3 KiB
CVE-2019-10241
&color=brightgreen)
Description
In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents.
POC
Reference
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
Github
- https://github.com/20142995/nuclei-templates
- https://github.com/A-TPL-Bench/LibHunter
- https://github.com/Anonymous-Phunter/PHunter
- https://github.com/CGCL-codes/LibHunter
- https://github.com/CGCL-codes/PHunter
- https://github.com/DonnumS/inf226Inchat
- https://github.com/LibHunter/LibHunter
- https://github.com/cyb3r-w0lf/nuclei-template-collection