NuytsTech Security

CVE-2011-1504

by ·

Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title.

Date published : 2011-05-07

http://issues.liferay.com/browse/LPS-11506

http://issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952

Tags: