Liferay Enterprise Portal 'User-Agent' HTTP Header Script Injection Vulnerability

Bugtraq ID: 27550
Class: Input Validation Error
CVE: CVE-2008-0179
Remote: Yes
Local: No
Published: Jan 31 2008 12:00AM
Updated: Jan 31 2008 10:57PM
Credit: Tomasz Kuczynski is credited with the discovery of this vulnerability.
Vulnerable: Liferay Enterprise Portal 4.3.6
Liferay Enterprise Portal 4.3.1
Liferay Enterprise Portal 4.1.3
Liferay Enterprise Portal 4.1.1
Liferay Enterprise Portal 4.1
Liferay Enterprise Portal 3.6.1
Liferay Enterprise Portal 2.2 .0
Liferay Enterprise Portal 2.1.1
Liferay Enterprise Portal 2.1 .0
Liferay Enterprise Portal 2.0 .x
Liferay Enterprise Portal 1.x
Liferay Enterprise Portal
Not Vulnerable: Liferay Enterprise Portal 4.4
Liferay Enterprise Portal 4.3.7


 

Privacy Statement
Copyright 2010, SecurityFocus