Back to search
CVE-2008-0869
Published: Feb 21, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1019438
vdb-entry
x_refsource_SECTRACK
BEA08-189.00
vendor-advisory
x_refsource_BEA
29041
third-party-advisory
x_refsource_SECUNIA
ADV-2008-0612
vdb-entry
x_refsource_VUPEN
ADV-2008-0611
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now