On BugTRAQ Jetty/3.1.RC8 is reported vulnerable to the\%3f.jsp directory content vulnerability.What about the versions that come bundled with JBoss (e.g. 2.4.3) ?
Uh oh!I forgot to mention: Tomcat Web Server/3.2.3 too !Same question here.
I'm pretty sure this has been sorted in Jetty.You should ask the question on the Jetty list:email@example.comJules
Retrieving data ...