Name | weblogic_el_injection |
CVE | CVE-2020-14882 |
Exploit Pack | CANVAS |
Description | weblogic_el_injection |
Notes | CVE Name: CVE-2020-14882 NOTES: Oracle WebLogic Server, a product of Oracle Fusion Middleware is vulnerable to an Expression Language Injection vulnerability. Successful attacks of this vulnerability can result in a complete takeover of the WebLogic server. Tested against: - 12.2.1.3.0 CVE Url: https://nvd.nist.gov/vuln/detail/CVE-2020-14882 CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Date public: 10/21/2020 |
Learn more about the CANVAS Exploit Pack here: CANVAS |