Title:Eclipse Jetty 安全漏洞 (CVE-2021-28164) Description:Eclipse Jetty是Eclipse基金会的一个开源的、基于Java的Web服务器和Java Servlet容器。 Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224 存在安全漏洞,该漏洞允许请求的uri包含%2e or %2e%2e访问WEB-INF目录中受保护资源。
File Snapshot
# Jetty Ambiguous Paths Information Disclosure Vulnerability (CVE-2021-28164)
[中文版本(Chinese version
...
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.