Liferay Enterprise Portal User Profile Greeting HTML Injection Vulnerability

Bugtraq ID: 27546
Class: Input Validation Error
CVE: CVE-2008-0180
Remote: Yes
Local: No
Published: Jan 31 2008 12:00AM
Updated: Jan 31 2008 10:07PM
Credit: Tomasz Kuczynski is credited with the discovery of this vulnerability.
Vulnerable: Liferay Enterprise Portal 5.1.2
Liferay Enterprise Portal 4.3.1
Liferay Enterprise Portal 4.1.3
Liferay Enterprise Portal 4.1.1
Liferay Enterprise Portal 4.1
Liferay Enterprise Portal 3.6.1
Liferay Enterprise Portal 2.2 .0
Liferay Enterprise Portal 2.1.1
Liferay Enterprise Portal 2.1 .0
Liferay Enterprise Portal 2.0 .x
Liferay Enterprise Portal 1.x
Liferay Enterprise Portal
Not Vulnerable: Liferay Enterprise Portal 4.4
Liferay Enterprise Portal 4.3.7


 

Privacy Statement
Copyright 2010, SecurityFocus