There is a Java vulnerability where an attacker can exploit the hash predictability. The exploit is apparently easier when the content is larger. So the workaround is to limit the size of HTTP POSTÂ requests. Weblogic’s 10.3 config.xml has a max-post-size which does this. The handling of when the condition is reached is pathetic. It closes…