CVE-2011-1504
Published May 7, 2011
Last updated 13 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:liferay:portal:5.0.0:rc:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86AD6094-E4EB-475E-A374-978CD00AA5AC"
},
{
"criteria": "cpe:2.3:a:liferay:portal:5.0.1:rc:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A014F89-F957-488F-9FF4-67F9EE9EE4A8"
},
{
"criteria": "cpe:2.3:a:liferay:portal:5.1.0:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3263932E-3A41-41E3-9F77-73FC51B213C8"
},
{
"criteria": "cpe:2.3:a:liferay:portal:5.1.1:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B16B7BDA-AAE9-4833-91E6-587DAC61E5CD"
},
{
"criteria": "cpe:2.3:a:liferay:portal:5.1.2:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6E3F406-1FE1-4321-9273-1F017648A7E0"
},
{
"criteria": "cpe:2.3:a:liferay:portal:5.2.0:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82F1E696-9040-4D4A-BA99-E745EC085B9C"
},
{
"criteria": "cpe:2.3:a:liferay:portal:5.2.1:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFAADC3E-80FB-4135-B489-EC02A9A41382"
},
{
"criteria": "cpe:2.3:a:liferay:portal:5.2.2:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65690437-8494-4D96-B2B2-99DCAD7A4688"
},
{
"criteria": "cpe:2.3:a:liferay:portal:5.2.3:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E399C486-E3E1-4338-8D04-1D8263FD0DEF"
},
{
"criteria": "cpe:2.3:a:liferay:portal:6.0.0:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4F553E6-7DFE-473D-8EBF-BBB85F013AD6"
},
{
"criteria": "cpe:2.3:a:liferay:portal:6.0.1:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BDBB1E2F-9F65-482A-8C85-1E2D9FD13DC1"
},
{
"criteria": "cpe:2.3:a:liferay:portal:6.0.2:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B280448B-071C-4285-8E3B-45E5CAD397B8"
},
{
"criteria": "cpe:2.3:a:liferay:portal:6.0.3:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D702FD60-1FDA-48D1-A534-2637B7F130E4"
},
{
"criteria": "cpe:2.3:a:liferay:portal:6.0.4:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CC37883-18D2-416B-B960-53EF92F3125E"
},
{
"criteria": "cpe:2.3:a:liferay:portal:6.0.5:*:community:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1782D8A-DC53-4639-8313-EA7715CADCBE"
}
],
"operator": "OR"
}
]
}
]