BEA Systems WebLogic Integration 7.0
Approved changes feed: RSS · Atom
cpe:2.3:a:bea:weblogic_integration:7.0:*:*:*:*:*:*:*
part: a version: 7.0 update: *
| Vendor | Bea (c4fe31a7-8f48-5c00-b7c2-e6a20391219c) |
|---|---|
| Product | Weblogic Integration (a9c783f3-5e4e-50c8-955c-d1c29c1e056a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2003-0733 |
vulnerable | 2026-06-03 14:26:26.393603 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 through 7.0, allow remote attackers to execute arbitrary web script and steal authentication credentials via (1) a forward instruction to the Servlet container or (2) other vulnerabilities in the WebLogic Server console application.
Published: 2003-09-04T04:00:00.000Z
Updated: 2024-08-08T02:05:12.198Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2002-2142 |
vulnerable | 2026-06-03 14:26:23.268258 |
Details available
An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading to WebLogic Server and Express 7.0 Service Pack 1 from BEA WebLogic Server and Express 6.0 through 7.0.0.1, does not prepend a "/" character in certain URL patterns, which prevents the proper enforcement of role mappings and policies in applications that use the extension.
Published: 2005-11-16T21:17:00.000Z
Updated: 2024-08-08T03:51:17.671Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.