Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BEA WebLogic Workshop/WebLogic Workshop 跨站脚本攻击漏洞
Vulnerability Description
BEA WebLogic Workshop存在跨站脚本攻击漏洞。远程攻击者通过在运行WebLogic Workshop 或 Apache Beehive NetUI 框架页面流(framework page flows)时候的一个"框架定义请求参数"("framework defined request parameter")来注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A