Jetty 6.x/7.x Multiple Vulnerabilities - EDB-9887

2009

26 October 2009

Event: N/A

What: CVE

cve vulnerability jetty xss information-disclosure escape-injection security-research advisory

On October 26, 2009, the Exploit-DB portal published a technical advisory regarding multiple vulnerabilities in the Jetty server (versions 6.x and < 7.x), signed by Francesco “ascii” Ongaro together with Giovanni “evilaliv3” Pellerano and Antonio “s4tan” Parata. The documented flaws included Cross-Site Scripting, information disclosure, and escape sequence injection, with an impact classified as medium (CVSS 5/10). The bulletin was entered into the database with ID EDB-9887 and represented a significant technical contribution to the security community, also documenting the vendor’s lack of timely response. Ongaro is credited as the main author and copyright holder of the document.

Archived PDF document