Jetty Directory Listing Cross Site Scripting Exploit

A Cross-Site scripting vulnerability has been reported in Jetty. This vulnerability can be induced whenever Jetty displays a web directory listing. Client-side script code can be included in the HTTP response by appending it next to directory listing's path, preceded by a ';' character.
Vulnerabilty ID: 
CVE-2009-1524
Released Date: 
Wednesday, September 23, 2009 - 19:00