CVE-2003-1224
BEA WebLogic Server/Express 7.0 and 7.0.0.1 are affected by CVE-2003-1224 due to a bug in the JDBCConnectionPoolRuntimeMBean where the password is displayed on screen in cleartext. This allows local observers to read a user’s password via shoulder surfing. The vulnerability is classified with a l...