Having path traversal issues allowing pre-auth code execution in your enterprise application platform is quite emberassing already, especially when attackers find out about the flaw earlier than you do. No wonder Oracle rushed to provide a fix for WebLogic’s actively exploited CVE-2020-14883, only to be reminded by the people of the Internet, that the sloppy filter list can be bypassed by changing the case of the payload.
recognize both excellence and incompetence in the field of information security