Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 up to and including 10.0 allows remote malicious users to inject arbitrary web script or HTML via URLs that are not properly handled by the Unexpected Exception Page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bea weblogic server 9.2 |
||
bea weblogic server 9.0 |
||
bea weblogic server 9.1 |
||
bea weblogic server 10.0 |