cbcvebase.
CVE-2000-1238
published 2000-12-31

CVE-2000-1238: BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL…

PriorityP424high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.73%
84.2th percentile
BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.

Affected

1 ranges
VendorProductVersion rangeFixed in
beaweblogic_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.