3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.7%
Oracle WebLogic Server contains a cross-site scripting vulnerability on the management console.
An arbitrary script may be executed on the browser of the user who is logged into the administration console of Oracle WebLogic Server.
Update the Software
Apply the latest update according to the information provided by the developer.