Unrated severityNVD Advisory· Published May 7, 2011· Updated Jun 16, 2026
CVE-2011-1502
CVE-2011-1502
Description
Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to read arbitrary files via an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <6.0.6
Patches
Vulnerability mechanics
References
4- issues.liferay.com/browse/LPS-14927nvdIssue TrackingVendor Advisory
- openwall.com/lists/oss-security/2011/03/29/1nvdMailing ListThird Party Advisory
- openwall.com/lists/oss-security/2011/04/08/5nvdMailing ListThird Party Advisory
- openwall.com/lists/oss-security/2011/04/11/9nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.