BEA.WebLogic.Server.Express.XSS
Description
This indicates an attack attempt against some cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and WebLogic Express which could lead to arbitrary code execution via a specially crafted web page.
Affected Products
BEA WebLogic Server 8.1 released through Service Pack 4, on all platforms.
BEA WebLogic Server 7.0 released through Service Pack 6, on all platforms.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch, available from the web site:
http://dev2dev.bea.com/pub/advisory/130
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |