← back
CVE-2000-1238

CVE-2000-1238

EPSS 2.7%
BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
ftp://ftpna.bea.com/pub/releases/patches/SecurityBEA00-0600.ziphttps://exchange.xforce.ibmcloud.com/vulnerabilities/5588http://www.securityfocus.com/bid/5089