Hey guys,
I know Jetty is not vulnerable to this issue reported in CVE-2018-1199 in products such as JBoss Fuse, because it doesn't return path parameters. What about Jetty in XAP? We're now moving to the latest version in our product, so I'm more concerned about the web container that comes with this latest version.
Cheers,
Pedro
↧