2 matches found
CVE-2009-1294
Multiple cross-site scripting XSS vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 ppstate or 2 ppmode parameters...
CVE-2009-1294
CVE-2009-1294 affects Novell Teaming 1.0 up to SP3 (1.0.3) with XSS in web/guest/home, caused by improper validation/escaping of p_p_state and p_p_mode parameters. Remote attackers can inject arbitrary scripts; impact is web-page script execution. Public details reference Liferay 4.3.0 portal con...