Description:
|
Secunia Security Advisory SA11356 - A security issue has been discovered in BEA WebLogic Server and WebLogic Express, which may lead to inappropriate privileges being granted. The problem arises if a parent group is deleted because child groups remains a member, after the parent group is deleted. If a parent group is re-created and granted higher privileges, those privileges are inherited by any group, which was a member of the group before being deleted. Versions affected are Server and Express 7.x through 8.x.
|