- Home
- CVEs with nessus.description==The remote web server is using the WebLogic plug-in for Apache, IIS, or Sun web servers, a module included with Oracle (formerly BEA) WebLogic Server and used to proxy requests from an HTTP server to WebLogic.
The version of this plug-in on the remote host is affected by an HTTP injection vulnerability because it fails to sanitize request headers of special characters, such as new lines, before passing them to WebLogic application servers.
An unauthenticated, remote attacker may be able to exploit this issue to conduct a variety of attacks, such as trusted header injection and HTTP request smuggling.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top