CVE-2008-0900
CVE-2008-0900 affects BEA WebLogic Server and Express versions 8.1 SP4–SP6, 9.2 MP1, and 10.0. The root cause is a session fixation vulnerability that allows remote authenticated users to hijack web sessions via unknown vectors. Affected components are web session handling functions in these BEA ...