Liferay Enterprise Portal Admin Portlet Shutdown Message HTML Injection Vulnerability

Bugtraq ID: 27554
Class: Input Validation Error
CVE: CVE-2008-0181
Remote: Yes
Local: No
Published: Jan 31 2008 12:00AM
Updated: Jan 31 2008 10:57PM
Credit: Tomasz Kuczynski is credited with the discovery of this vulnerability.
Vulnerable: Liferay Enterprise Portal 5.1.2
Liferay Enterprise Portal 4.3.1
Liferay Enterprise Portal 4.1.3
Liferay Enterprise Portal 4.1.1
Liferay Enterprise Portal 4.1
Liferay Enterprise Portal 3.6.1
Liferay Enterprise Portal 2.2 .0
Liferay Enterprise Portal 2.1.1
Liferay Enterprise Portal 2.1 .0
Liferay Enterprise Portal 2.0 .x
Liferay Enterprise Portal 1.x
Liferay Enterprise Portal
Not Vulnerable: Liferay Enterprise Portal 4.4
Liferay Enterprise Portal 4.3.7


 

Privacy Statement
Copyright 2010, SecurityFocus