Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2008-0181
cve-2008-0181
cross-site scripting
xss vulnerability
liferay portal 4.3.6
admin portlet
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.3 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.7%
Cross-site scripting (XSS) vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Shutdown message.
Affected configurations
Node
liferayliferay_enterprise_portalMatch4.3.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| liferay:liferay_enterprise_portal | liferay liferay enterprise portal | eq | 4.3.6 |
Related
nvd
nvd
CVE-2008-0181
2008-02-05 00:00:00
cvelist
cvelist
CVE-2008-0181
2022-10-03 16:14:05
cert
cert
Liferay Portal Admin portlet Shutdown message XSS
2008-01-31 00:00:00
prion
prion
Cross site scripting
2008-02-05 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.3 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.7%
Related for CVE-2008-0181