Oracle WebLogic is a scalable, Java-based multi-tier enterprise application server that allows businesses to quickly deploy new products and services on the cloud. The vulnerability, spotted by the researchers from KnownSec 404, allows attackers to remotely execute arbitrary commands on the affected servers just by sending a specially crafted HTTP request. The company has not yet released a patch to fix the vulnerability, which affects all versions of the software. The affected versions are as follows: Oracle Web Logic 10.1.3 and 12.3.
Source: https://thehackernews.com/2019/04/oracle-weblogic-hacking.html

