Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 through 7.0, allow remote attackers to execute arbitrary web script and steal authentication credentials via (1) a forward instruction to the Servlet container or (2) other vulnerabilities in the WebLogic Server console application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bea WebLogic/Liquid Data多个跨站脚本执行漏洞
Vulnerability Description
BEA Systems WebLogic包含多种应用系统集成方案,包括Server/Express/Integration和Liquid Data等。 BEA Systems多个产品包含跨站脚本执行问题,远程攻击者可以利用这个漏洞获得用于基于验证的COOKIE信息或进行其他攻击。 上述系统存在两个类型的XSS漏洞: 1、问题存在于Servlet container中,当浏览器发送转发指令时可产生此漏洞,静态URL如" http://www.bea.com "不能被利用,只要当一些类似如下的动态URL请求时
CVSS Information
N/A
Vulnerability Type
N/A