HTTP: WebLogic Admin Console Cross-Site Scripting
This signature detects a cross-site scripting attack against the Admin Console portion of BEA WebLogic products. By persuading a WebLogic administrator to follow specially crafted Admin Console links, an attacker can inject arbitrary HTML content into pages returned by the WebLogic server. Successful exploitation can disclose privileged WebLogic server credentials to the attacker.
Extended Description
BEA WebLogic Server And WebLogic Express are affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'LoginForm.jsp' script. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. This issue was originally released as part of BID 13717 (BEA WebLogic Server and WebLogic Express Multiple Remote Vulnerabilities). Due to the availability of more information, this vulnerability is being assigned a new BID.
Affected Products
Bea_systems weblogic_server_for_win32
Short Name
HTTP:XSS:BEA-ADMIN-CONSOLE
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Admin CVE-2005-1747 Console Cross-Site Scripting WebLogic bid:13793
Release Date
02/24/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Bea_systems
CVSS Score
6.8