CVE-2005-1380

BEA WebLogic Server 8.1 - Cross-Site Scripting via Server Parameter in JndiFramesetAction

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1380. PoCs published by Alexander Kornbrust.

AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in BEA WebLogic Server and WebLogic Express administration console. The vulnerability arises from insufficient input sanitization, allowing arbitrary script execution in the context of a user's browser session.

Description

Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote attackers to execute arbitrary web script or HTML via the server parameter to a JndiFramesetAction action.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Alexander Kornbrust · textremotewindows

https://www.exploit-db.com/exploits/25546

View Code ZIP pw:eip

This exploit demonstrates a cross-site scripting (XSS) vulnerability in BEA WebLogic Server and WebLogic Express administration console. The vulnerability arises from insufficient input sanitization, allowing arbitrary script execution in the context of a user's browser session.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: BEA WebLogic Server and WebLogic Express

No auth needed

Prerequisites: Access to the target WebLogic administration console URL

MITRE ATT&CK