Back to search
CVE-2011-1502
Published: May 7, 2011
Modified: Sep 16, 2024
PUBLISHED
Description
Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to read arbitrary files via an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://issues.liferay.com/browse/LPS-14927
x_refsource_CONFIRM
[oss-security] 20110408 Re: CVE requests : Liferay 6.0.6
mailing-list
x_refsource_MLIST
[oss-security] 20110411 Re: CVE requests : Liferay 6.0.6
mailing-list
x_refsource_MLIST
[oss-security] 20110329 CVE requests : Liferay 6.0.6
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now