Exploit for Cross-site Scripting in Liferay Liferay_Portal

Authenticated Stored XSS in LifeRay 7.2.1 GA2 via MyAccountPor...

CVE-2004-2320

The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing XST attacks in applications that are...

CVE-2012-2223

The xplat agent in Novell ZENworks Configuration Management ZCM 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing XST attacks via unspecified vectors...

Cross site scripting

The xplat agent in Novell ZENworks Configuration Management ZCM 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing XST attacks via unspecified vectors...

CVE-2012-2223

The xplat agent in Novell ZENworks Configuration Management ZCM 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing XST attacks via unspecified vectors...

CVE-2007-3008

Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has unspecified impact probably related to remote information leaks and cross-site tracing XST attacks, a related issue to CVE-2004-2320 and CVE-2005-3398...

CVE-2007-3008

CVE-2007-3008 affects Mbedthis AppWeb prior to 2.2.2. The vulnerability is that HTTP TRACE is enabled, which can lead to information leakage and cross-site tracing (XST) concerns. This entry is corroborated by related advisories in the connected documents, which note the TRACE method as the root ...

CVE-2004-2320

Technical details for CVE-2004-2320 are not publicly available in the provided documents. Monitor for updates from official advisories.