The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

source : https://www.securityfocus.com/bid/1970/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. ServletExec will return the source code of JSP files when a HTTP request is appended with one of the following characters: . %2E + %2B %5C %20 %00 For example, the following URL will yield the source of the specified JSP file: http://target/directory/jsp/file.jsp. Successful exploitation could lead to the disclosure of sensitive information contained within JSP pages. Any of the following URL requests will yield the source of the specified JSP file: http://target/directory/jsp/file.jsp. http://target/directory/jsp/file.jsp%2E http://target/directory/jsp/file.jsp+ http://target/directory/jsp/file.jsp%2B http://target/directory/jsp/file.jsp\ http://target/directory/jsp/file.jsp%5C http://target/directory/jsp/file.jsp%20 http://target/directory/jsp/file.jsp%00