Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BEA Systems WebLogic 8.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebLogic to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BEA WebLogic 多个安全漏洞
Vulnerability Description
Oracle WebLogic是美国甲骨文(Oracle)公司的一款基于Java(J2EE)架构的应用服务器。 BEA Systems WebLogic 8.1 SP1中存在多个安全漏洞。 远程攻击者可破坏Web高速缓存、绕过Web应用程序防火墙保护,以及通过同时具有"Transfer-Encoding: chunked"头和Content-Length(内容长度)头的HTTP请求执行XSS攻击。
CVSS Information
N/A
Vulnerability Type
N/A