| Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-6173 | 4.3 |
Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Enterprise Portal 4.3.1 allows remote attackers to inject arbitrary web script or HTML via the emailAddress parameter in a Send New Password action, a different vector than CVE-200
|
15-10-2018 - 21:50 | 30-11-2007 - 00:46 | |
| CVE-2007-6055 | 4.3 |
Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Portal 4.1.0 and 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the login parameter. NOTE: this issue reportedly exists because of a regression that foll
|
15-10-2018 - 21:49 | 20-11-2007 - 20:46 | |
| CVE-2009-1294 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 (1.0.3) allow remote attackers to inject arbitrary web script or HTML via the (1) p_p_state or (2) p_p_mode parameters
|
10-10-2018 - 19:35 | 16-04-2009 - 15:12 | |
| CVE-2009-1293 | 5.0 |
The web login functionality (c/portal/login) in Novell Teaming 1.0 through SP3 (1.0.3) generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.
|
10-10-2018 - 19:35 | 16-04-2009 - 15:12 |