PT-2007-4019 · Bea · Bea Weblogic Portal
Published
2007-05-16
·
Updated
2018-10-30
·
CVE-2007-2702
CVSS v2.0
3.5
Low
| Vector | AV:N/AC:M/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
BEA WebLogic Portal version 9.2 GA
Description
The issue is related to a cross-site scripting (XSS) vulnerability in the GroupSpace application. This vulnerability allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the rich text editor.
Recommendations
For BEA WebLogic Portal version 9.2 GA, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Bea Weblogic Portal