A vulnerability has been reported in Jetty, which can be exploited by malicious people to disclose certain sensitive information.
The vulnerability is caused due to an error in validating the request URL. This can be exploited to disclose the source code of ".jsp" files on the Windows platform by appending an URL encoded backslash ("%5C") at the end of the file extension of the requested ".jsp" file.
The vulnerability has been reported in version 5.1.5. Prior versions may also be affected.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org