CVE-2005-1380

Name of the Vulnerable Software and Affected Versions BEA Admin Console version 8.1 Oracle WebLogic Server Admin Console (affected versions not specified)

Description The issue is related to a cross-site scripting (XSS) vulnerability that allows remote attackers to execute arbitrary web script or HTML. This is due to the failure to neutralize script-related HTML tags on a web page. The vulnerability can be exploited by a remote attacker to perform cross-site scripting attacks.

Recommendations For BEA Admin Console version 8.1, update the software to a version that includes a fix for this issue. For Oracle WebLogic Server Admin Console, at the moment, there is no information about a newer version that contains a fix for this vulnerability.