CVE-2008-0896
BEA WebLogic Portal 10.0 and 9.2 through MP1 are affected. When an administrator deletes a single content portlet instance, entitlement policies for other content portlets are removed, allowing an attacker to bypass intended access restrictions. The available documents do not specify a patch or w...