[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE requests : Liferay 6.0.6
From: Nicolas =?ISO-8859-1?Q?Gr=E9goire?= <nicolas.gregoire () agarri ! fr>
Date: 2011-03-29 7:35:53
Message-ID: 1301384153.3849.159.camel () new-desktop
[Download RAW message or body]
Hello,
version 6.0.6 of Liferay correct 3 security vulnerabilities related to
the processing of XSLT content and 2 XSS.
The full 6.0.6 Changelog :
http://issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952
Remote command execution :
http://issues.liferay.com/browse/LPS-14726
Arbitrary file disclosure via XXE :
http://issues.liferay.com/browse/LPS-14927
XSL/XML file disclosure via file:// :
http://issues.liferay.com/browse/LPS-13762
XSS vulnerability :
http://issues.liferay.com/browse/LPS-11506
XSS in message boards :
http://issues.liferay.com/browse/LPS-12628
Regards,
Nicolas Grégoire
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic