Unrated severityNVD Advisory· Published Feb 5, 2008· Updated Jun 16, 2026
CVE-2008-0178
CVE-2008-0178
Description
Cross-site scripting (XSS) vulnerability in the Enterprise Admin Session Monitoring component in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the User-Agent HTTP header.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:liferay:liferay_enterprise_portal:4.3.6:*:*:*:*:*:*:*
- Range: 4.3.6
Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/27547nvdExploitPatch
- secunia.com/advisories/28742nvdVendor Advisory
- www.kb.cert.org/vuls/id/326065nvdUS Government Resource
- support.liferay.com/browse/LEP-4736nvd
News mentions
0No linked articles in our index yet.