2 matches found
CVE-2005-4757
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, do not properly "constrain" a "/" slash servlet root URL pattern, which might allow remote attackers to bypass intended servlet protections...
CVE-2005-4757
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, are affected by an issue where the servlet root URL pattern (/) is not properly constrained, potentially allowing remote attackers to bypass intended protections. The vulnerability is described across multiple ...