{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T17:49:16.933","vulnerabilities":[{"cve":{"id":"CVE-2007-5613","sourceIdentifier":"cret@cert.org","published":"2007-12-05T11:46:00.000","lastModified":"2026-06-16T22:46:29.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies."},{"lang":"es","value":"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Dump Servlet de Mortbay Jetty anterior a 6.1.6rc1 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante parámetro y cookies no especificados."}],"affected":[{"source":"cret@cert.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:1.0:*:*:*:*:*:*:*","matchCriteriaId":"3615D01B-ACAD-41A1-B7EA-80C63AE01877"},{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:2.4:*:*:*:*:*:*:*","matchCriteriaId":"D6CCB1E1-6299-44EC-B128-5AE3C54F5A94"},{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:3.0:*:*:*:*:*:*:*","matchCriteriaId":"50463525-3D63-4048-8A59-B0EB4C23FE1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:3.1:*:*:*:*:*:*:*","matchCriteriaId":"B6785E68-F28C-48C6-9D1F-0C0E4EB4086F"},{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:4.0:*:*:*:*:*:*:*","matchCriteriaId":"3CC455AC-A31B-4D29-8CDD-A9EB3F2C3E8D"},{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:4.1:*:*:*:*:*:*:*","matchCriteriaId":"705ACD64-FF30-48EA-A003-9F0AD999B197"},{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:4.2:*:*:*:*:*:*:*","matchCriteriaId":"79E38FDC-7937-4294-B1B3-48B1DA23F89B"},{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:5:*:*:*:*:*:*:*","matchCriteriaId":"5FD8FCEE-0E01-46A9-905A-E0A681650915"},{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:5.1:*:*:*:*:*:*:*","matchCriteriaId":"D250D764-C503-4CC9-8D46-635561E6A7C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:6:*:*:*:*:*:*:*","matchCriteriaId":"0A6BCC46-43E3-4678-BA4E-7CEA8211C713"},{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:6.1:*:*:*:*:*:*:*","matchCriteriaId":"4BD8360D-1C7D-466F-85CB-FAECDB99137D"}]}]}],"references":[{"url":"http://jira.codehaus.org/browse/JETTY-452","source":"cret@cert.org","tags":["Patch"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html","source":"cret@cert.org"},{"url":"http://osvdb.org/42497","source":"cret@cert.org"},{"url":"http://secunia.com/advisories/27925","source":"cret@cert.org"},{"url":"http://secunia.com/advisories/30941","source":"cret@cert.org"},{"url":"http://secunia.com/advisories/35143","source":"cret@cert.org"},{"url":"http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt","source":"cret@cert.org"},{"url":"http://www.kb.cert.org/vuls/id/237888","source":"cret@cert.org","tags":["US Government Resource"]},{"url":"http://www.securityfocus.com/bid/26697","source":"cret@cert.org"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html","source":"cret@cert.org"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html","source":"cret@cert.org"},{"url":"http://jira.codehaus.org/browse/JETTY-452","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://osvdb.org/42497","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/27925","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/30941","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/35143","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.kb.cert.org/vuls/id/237888","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.securityfocus.com/bid/26697","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}