Access Control Bypass in BEA Systems WebLogic Server

Access Control Bypass in BEA Systems WebLogic Server

CVE-2000-1238 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.

Learn more about our Web App Pen Testing.