Update SoapUI to use Jetty 7.0.1 or later version to remediate XSS vulnerabilities

Question

Hi, is there any plan to upgrade SoapUI to use Jetty 7.0.1 or later version because versions 6.x and 7.0.0 have remote XSS vulnerabilities (https://nvd.nist.gov/vuln/detail/CVE-2009-4610) that can let remote users to run arbitrary commands?&nbsp;Thanks

sander · Answer

Hi,&nbsp;I would also like to know when an update will be available.Our security team will block the use of SoapUI if i do not update soon.

t4103gf · Answer

Can I get an official response from SmartBear? My organization will pull the plug on SoapUI this April 3rd if this issue is not addressed.

gilderdale · Answer

I know some software that allows remote control likeanydeskfive nights at freddy's

Forum Discussion

Update SoapUI to use Jetty 7.0.1 or later version to remediate XSS vulnerabilities

Related Content

log4j vulnerability in older versions

Log4J vulnerability

SoapUI 5.5.0 Log4j vulnerability

Does SoapUI 5.6.0 has log4j vulnerability?

Does SoapUI 5.6 version has log4j security Vulnerability issue?

Recent Discussions

What is purpose if inspector pane in SoapUI?

How do I change password and Username on every call in a Test Case in SoapUI?

Content-Length calculation wrong when posting UTF-8 content

Error exception in phase 'semantic analysis' with java 21

Generate positive long integer?