Vulnerabilities > CVE-2009-1975 - Cross-Site Scripting vulnerability in Oracle BEA Product Suite 10.3

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
oracle
exploit available
NVD
Published: 2009-07-14
Updated: 2017-08-17

Summary

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality, integrity, and availability, related to the WLS Console Package.

Vulnerable Configurations

Part Description Count
Application
Oracle
1

Exploit-Db

descriptionOracle Weblogic Server 10.3 'console-help.portal' Cross Site Scripting Vulnerability. CVE-2009-1975. Remote exploits for multiple platform
idEDB-ID:33079
last seen2016-02-03
modified2009-06-14
published2009-06-14
reporterAlexandr Polyakov
sourcehttps://www.exploit-db.com/download/33079/
titleOracle Weblogic Server 10.3 - 'console-help.portal' Cross-Site Scripting Vulnerability

References