VULHUB ™

Certain versions of BEA Systems Weblogic server ship with a vulnerability which allows malicious users to view the source documents which reside in the web document root directory. This is possible due to a mistake in the provided weblogic.properties configuration which manifests itself if a user sends a request prefixed with /ConsoleHelp/ . This will result in the Fileservlet being forced to display documents in the unparsed (raw precompiled) formats.

Certain versions of BEA Systems Weblogic server ship with a vulnerability which allows malicious users to view the source documents which reside in the web document root directory. This is possible due to a mistake in the provided weblogic.properties configuration which manifests itself if a user sends a request prefixed with /ConsoleHelp/ . This will result in the Fileservlet being forced to display documents in the unparsed (raw precompiled) formats.