Lucene search

[email protected]NVD:CVE-2011-1504

HistoryMay 07, 2011 - 7:55 p.m.

CVE-2011-1504

2011-05-0719:55:01

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

47.7%

JSON

Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title.

Affected configurations

Nvd

Node

liferayportalMatch5.0.0rccommunity

liferayportalMatch5.0.1rccommunity

liferayportalMatch5.1.0community

liferayportalMatch5.1.1community

liferayportalMatch5.1.2community

liferayportalMatch5.2.0community

liferayportalMatch5.2.1community

liferayportalMatch5.2.2community

liferayportalMatch5.2.3community

liferayportalMatch6.0.0community

liferayportalMatch6.0.1community

liferayportalMatch6.0.2community

liferayportalMatch6.0.3community

liferayportalMatch6.0.4community

liferayportalMatch6.0.5community

VendorProductVersionCPE
liferayportal5.0.0cpe:2.3:a:liferay:portal:5.0.0:rc:community:*:*:*:*:*
liferayportal5.0.1cpe:2.3:a:liferay:portal:5.0.1:rc:community:*:*:*:*:*
liferayportal5.1.0cpe:2.3:a:liferay:portal:5.1.0:*:community:*:*:*:*:*
liferayportal5.1.1cpe:2.3:a:liferay:portal:5.1.1:*:community:*:*:*:*:*
liferayportal5.1.2cpe:2.3:a:liferay:portal:5.1.2:*:community:*:*:*:*:*
liferayportal5.2.0cpe:2.3:a:liferay:portal:5.2.0:*:community:*:*:*:*:*
liferayportal5.2.1cpe:2.3:a:liferay:portal:5.2.1:*:community:*:*:*:*:*
liferayportal5.2.2cpe:2.3:a:liferay:portal:5.2.2:*:community:*:*:*:*:*
liferayportal5.2.3cpe:2.3:a:liferay:portal:5.2.3:*:community:*:*:*:*:*
liferayportal6.0.0cpe:2.3:a:liferay:portal:6.0.0:*:community:*:*:*:*:*

Vendor	Product	Version	CPE
liferay	portal	5.0.0	cpe:2.3:a:liferay:portal:5.0.0:rc:community:::::*
liferay	portal	5.0.1	cpe:2.3:a:liferay:portal:5.0.1:rc:community:::::*
liferay	portal	5.1.0	cpe:2.3:a:liferay:portal:5.1.0::community:::::
liferay	portal	5.1.1	cpe:2.3:a:liferay:portal:5.1.1::community:::::
liferay	portal	5.1.2	cpe:2.3:a:liferay:portal:5.1.2::community:::::
liferay	portal	5.2.0	cpe:2.3:a:liferay:portal:5.2.0::community:::::
liferay	portal	5.2.1	cpe:2.3:a:liferay:portal:5.2.1::community:::::
liferay	portal	5.2.2	cpe:2.3:a:liferay:portal:5.2.2::community:::::
liferay	portal	5.2.3	cpe:2.3:a:liferay:portal:5.2.3::community:::::
liferay	portal	6.0.0	cpe:2.3:a:liferay:portal:6.0.0::community:::::

Rows per page:

1-10 of 151

References

issues.liferay.com/browse/LPS-11506

issues.liferay.com/browse/LPS-12145

issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952

openwall.com/lists/oss-security/2011/03/29/1

openwall.com/lists/oss-security/2011/04/08/5

openwall.com/lists/oss-security/2011/04/11/9

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

47.7%

JSON

Related for NVD:CVE-2011-1504

cve1 cvelist1 prion1 veracode1 nessus1