BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the URI for the Portal Administration Console to an http URI, which allows remote malicious users to sniff the session.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bea systems weblogic portal 9.2 |
||
oracle weblogic portal 9.2 |
||
bea systems weblogic portal 10.0 |