Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 up to and including 7.0, allow remote malicious users to execute arbitrary web script and steal authentication credentials via (1) a forward instruction to the Servlet container or (2) other vulnerabilities in the WebLogic Server console application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bea liquid data 1.1 |
||
bea weblogic integration 2.0 |
||
bea weblogic integration 7.0 |
||
bea weblogic server 5.1 |
||
bea weblogic server 7.0 |