CVE-2000-1238

2005-11-1621:17:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

76.9%

JSON

BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.

References

ftp://ftpna.bea.com/pub/releases/patches/SecurityBEA00-0600.zip

www.securityfocus.com/bid/5089

exchange.xforce.ibmcloud.com/vulnerabilities/5588