Security Advisory

CVE-2011-1503

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2011-05-07 19:00:00

Last updated 2024-09-17 01:50:53

Assigner redhat

State PUBLISHED

Description

The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat or Oracle GlassFish is used, allows remote authenticated users to read arbitrary (1) XSL and (2) XML files via a file:/// URL.

← Browse all CVEs View on cve.org ↗