Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading to WebLogic Server and Express 7.0 Service Pack 1 from BEA WebLogic Server and Express 6.0 through 7.0.0.1, does not prepend a "/" character in certain URL patterns, which prevents the proper enforcement of role mappings and policies in applications that use the extension.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BEA WebLogic Server/Express/Integration应用程序移植安全策略存在漏洞
Vulnerability Description
BEA Systems WebLogic包含多种系统集成方案,包括Server/Express/Integration等。 当使用WebLogic Integration 7.0或7.0 Service Pack 1或者当移植WEB应用程序到WebLogic Server 7.0 Service Pack 1时,存在安全漏洞可以导致运行的WEB应用程序不需要遵循已经设置的安全策略。 WebLogic Server 7.0 Service Pack 1中的WEB应用程序存在安全漏洞,在WebLogic Se
CVSS Information
N/A
Vulnerability Type
N/A