Bea Systems: >> Weblogic Express Security Vulnerabilities
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.
CVSS Score
6.0
EPSS Score
0.08
Published
2008-02-22
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL.
CVSS Score
4.3
EPSS Score
0.005
Published
2008-02-22