• info
• discussion
• exploit
• solution
• references

WebLogic Portal CVE-2007-2702 Cross-Site Scripting Vulnerability

WebLogic Portal is prone to a cross-site scripting vulnerability. Cross-site scripting (XSS) vulnerability in the GroupSpace application in BEA WebLogic Portal 9.2 GA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the rich text editor.