CVE-2011-1504

Cross-site scripting XSS vulnerability in Liferay Portal Community Edition CE 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title...

Liferay Portal < 6.0.6 Multiple Vulnerabilities

According to its self-reported version number, the installation of Liferay Portal hosted on the remote web server is affected by multiple vulnerabilities : - An arbitrary file download vulnerability exists when Apache Tomcat is used, which allows remote, authenticated users to download arbitrary...

CVE-2011-1504

Cross-site scripting XSS vulnerability in Liferay Portal Community Edition CE 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title...

CVE-2011-1504

Cross-site scripting XSS vulnerability in Liferay Portal Community Edition CE 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title...

CVE-2011-1504

CVE-2011-1504 is an XSS vulnerability in Liferay Portal Community Edition (CE) 5.x and 6.x up to, but not including, 6.0.6 GA . It allows remote authenticated users to inject arbitrary web script or HTML via a blog title. The issue is remedied by upgrading to 6.0.6 GA (or later) where the fix is ...