CVE-2006-1358
BEA WebLogic Portal 8.1 up to SP5 exposes a session-cache leakage in JSR-168 Portlets, allowing one user to view another user’s Portlet. Root cause: Portlet retrieval from cache for the wrong session. Impact: partial confidentiality breach. Remediation: apply the SP5 patch (CR259534_81SP5.zip) as...