2 matches found
CVE-2016-6517
CVE-2016-6517 describes a directory traversal vulnerability in Liferay 5.1.0. The issue affects the barebone.jsp path, where an attacker can supply an encoded path traversal sequence (%2E%2E) via the minifierBundleDir parameter, potentially leading to access to arbitrary files. The connected docu...
CVE-2016-6517
Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified impact via a %2E%2E encoded dot dot in the minifierBundleDir parameter to barebone.jsp...