|
Family: CGI abuses --> Category: infos
BEA WebLogic Scripts Server scripts Source Disclosure (3) Vulnerability Scan
Vulnerability Scan Summary BEA WebLogic may be tricked into revealing the source code of JSP scripts.
Detailed Explanation for this Vulnerability Test
BEA WebLogic may be tricked into revealing the source code of JSP scripts
by prefixing the path to the .jsp files by /*.shtml/
Solution: Use the official patch available at http://www.bea.com
or upgrade to a version newer than 5.1
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|