2000-10-13 04:00:00
mitre
PUBLISHED
BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.