Lucene search
Veracode Vulnerability DatabaseVERACODE:13512HistoryMar 25, 2019 - 8:40 a.m.
Cross-Site Scripting (XSS)
2019-03-2508:40:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
47.6%
Liferay portal is vulnerable to cross-site scripting (XSS). It allows remote authenticated users to inject arbitrary web script or HTML into a victim’s browser via the blog title.
| CPE | Name | Operator | Version |
|---|---|---|---|
| liferay portal impl | le | 6.0.5 |
References
issues.liferay.com/browse/LPS-11506
issues.liferay.com/browse/LPS-12145
issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952
openwall.com/lists/oss-security/2011/03/29/1
openwall.com/lists/oss-security/2011/04/08/5
openwall.com/lists/oss-security/2011/04/11/9
issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952
Related
prion
prion
Cross site scripting
2011-05-07 19:55:00
nvd
nvd
CVE-2011-1504
2011-05-07 19:55:01
cve
cve
CVE-2011-1504
2022-10-03 16:15:10
cvelist
cvelist
CVE-2011-1504
2022-10-03 16:15:10
nessus
nessus
Liferay Portal < 6.0.6 Multiple Vulnerabilities
2012-05-22 00:00:00