Oracle.WebLogic.Server.Console-help.Portal.XSS
Description
This indicates an attack attempt against a cross-site scripting (XSS) vulnerability in BEA Weblogic Server.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted console-help.portal page. It allows a remote attacker to inject arbitrary HTML and JavaScript code.
Affected Products
Oracle Weblogic Server 10.3
Impact
System compromise
Recommended Actions
Apply the patch available at the following website:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-22 | 16.984 | Name:Oracle. BEA. Weblogic. Server. Console-help. Portal. XSS:Oracle. WebLogic. Server. Console-help. Portal. XSS |
2018-10-16 | 13.473 | Sig Added |