3 matches found
CVE-2014-8349
Cross-site scripting XSS vulnerability in Liferay Portal Enterprise Edition EE 6.2 SP8 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the 20body parameter in the comment field in an uploaded file...
CVE-2014-8349
Cross-site scripting XSS vulnerability in Liferay Portal Enterprise Edition EE 6.2 SP8 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the 20body parameter in the comment field in an uploaded file...
Liferay Portal 6.2 EE SP8 Cross Site Scripting Vulnerability
Liferay Portal versions 6.2 EE SP8 and below suffer from a cross site scripting vulnerability. - Vendor Status: CONFIRMED - Vendor Disclosure Date: October 17th 2014 - Public Disclosure Date: November 14th 2014 - Affected Vendor: LIFERAY - http://www.liferay.com/ - Affected System: Liferay Portal...