CVE-2008-0866
CVE-2008-0866 affects BEA WebLogic Workshop (via NetUI page flows) and is caused by cross-site scripting vulnerabilities where an invalid action URI is not properly handled, enabling injection of arbitrary script/HTML. The NVD entry documents the weakness and its CVSS v2 base score of 4.3 (Medium...