CVE-2008-0179 (Liferay Enterprise Portal) |
|
| BugsAlert Home > CVE-2008-0179 (Liferay Enterprise Portal) | |
|
Cross-site scripting (XSS) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal 4.3.6 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header, which is used when composing Forgot Password e-mail messages in HTML format. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0179 Learn more about CVE-2008-0179 (Liferay Enterprise Portal) |
|
| Tags: cve-2008-0179 liferay enterprise portal | |
Related Items |
|
|
CVE-2008-4323 (windows_xp)
|
|
|
Asterisk Call Detail Record Postgres SQL Injection
|
|
|
CVE-2008-2631 (MDaemon)
|
|
|
Mandriva: Updated clamav packages fix multiple
|
|
|
FrSIRT - WebStudio CMS "pageid" Remote SQL Injection Vulnerability
|
|
|
CVE-2008-0142 (WebPortal CMS)
|
|
|
Trojan.BAT.KillFiles.gd
|
|
