CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Liferay: >> Liferay Portal Enterprise Security Vulnerabilities

CVE-2005-4400

Cross-site scripting (XSS) vulnerability in downloads/portal_ent in Liferay Portal Enterprise 3.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) _77_struts_action, (2) p_p_mode, and (3) p_p_state parameters.

CVSS Score

4.3

EPSS Score

0.024

Published

2005-12-20

Page 1

Vulnerabilities

Vulnerable Software

Liferay: >> Liferay Portal Enterprise Security Vulnerabilities

Products

Pricing

Contact Us