CVE-2003-0733: XSS
First published: Thu Sep 04 2003(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 through 7.0, allow remote attackers to execute arbitrary web script and steal authentication credentials via (1) a forward instruction to the Servlet container or (2) other vulnerabilities in the WebLogic Server console application.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| BEA Weblogic Server | =5.1 | |
| BEA WebLogic Integration | =2.0 | |
| Bea Liquid Data | =1.1 | |
| BEA WebLogic Integration | =7.0 | |
| BEA Weblogic Server | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/bea
- canonical/bea weblogic server
- version/bea weblogic server/5.1
- canonical/bea weblogic integration
- version/bea weblogic integration/2.0
- canonical/bea liquid data
- version/bea liquid data/1.1
- version/bea weblogic integration/7.0
- version/bea weblogic server/7.0