Eclipse Jetty Remote Leakage

By Jijith Rajan
Published on 10 Jan 2022
Vulnerability

Description

An information leakage vulnerability has been found in Jetty web server versions before 9.2.9.v20150224. It allows an unauthenticated remote attacker to read arbitrary data from process memory via illegal characters in an HTTP header.

This can lead to the disclosure of sensitive data, including usernames, authentication tokens, passwords, CSRF tokens, etc.

Recommendation

  • Encrypt all sensitive data

  • Update to the latest version
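
To act on the update recommendation, the following added example (not part of the original advisory) classifies Jetty version strings taken from `Server` headers or jar file names against the fixed release 9.2.9.v20150224. The function names, the constructed sample strings, and the treatment of milestone/RC builds of 9.2.9 as earlier than the release are assumptions of this example.

```python
import re

# Fixed release named in the advisory above: 9.2.9.v20150224
FIXED = (9, 2, 9)
FIXED_BUILD_DATE = 20150224

# Jetty version scheme, e.g. "Jetty(9.2.8.v20150217)" or "jetty-server-9.3.0.M1.jar"
_VERSION_RE = re.compile(
    r"jetty\D*?(\d+)\.(\d+)\.(\d+)(?:\.(v|M|RC)(\d+))?", re.IGNORECASE
)


def parse_jetty_version(text):
    """Return ((major, minor, patch), qualifier, number), or None if not Jetty."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    triple = tuple(int(x) for x in m.group(1, 2, 3))
    qualifier = (m.group(4) or "").lower()
    number = int(m.group(5)) if m.group(5) else 0
    return triple, qualifier, number


def classify(text):
    """'affected' if before 9.2.9.v20150224, 'ok' if not, 'unknown' otherwise."""
    parsed = parse_jetty_version(text)
    if parsed is None:
        # A stripped or foreign banner proves nothing; inspect the deployed jars.
        return "unknown"
    triple, qualifier, number = parsed
    if triple != FIXED:
        return "affected" if triple < FIXED else "ok"
    # Same 9.2.9 triple: only a release build ("v" + date) on or after the fixed
    # build date counts as fixed (assumption: M/RC builds sort before it).
    if qualifier == "v" and number >= FIXED_BUILD_DATE:
        return "ok"
    return "affected"


# Constructed inventory lines (not taken from real hosts).
SAMPLE = [
    "Server: Jetty(9.2.8.v20150217)",
    "Server: Jetty(9.2.9.v20150224)",
    "lib/jetty-server-9.3.0.M1.jar",
    "Server: nginx/1.18.0",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(f"{classify(line):9} {line}")
```

An `unknown` result only means the string carried no Jetty version, so hosts that hide the `Server` header still need their installed jars checked.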


Written by
Jijith Rajan
Cyber Security Engineer