Shodan
Vulnerabilities
Vulnerable Software
Liferay:  >> Liferay Portal  >> 6.2.2  Security Vulnerabilities
CVE-2016-10404
XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted redirect field to modules/apps/foundation/frontend-js/frontend-js-spa-web/src/main/resources/META-INF/resources/init.jsp.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-08-07
CVE-2017-12645
XSS exists in Liferay Portal before 7.0 CE GA4 via an invalid portletId.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-08-07
CVE-2017-12646
XSS exists in Liferay Portal before 7.0 CE GA4 via a login name, password, or e-mail address.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-08-07
CVE-2017-12647
XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base article title.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-08-07
CVE-2017-12648
XSS exists in Liferay Portal before 7.0 CE GA4 via a bookmark URL.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-08-07
CVE-2017-12649
XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted title or summary that is mishandled in the Web Content Display.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-08-07
CVE-2010-5327
Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template.
CVSS Score
8.8
EPSS Score
0.015
Published
2017-01-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved