Unrated severityNVD Advisory· Published May 7, 2011· Updated Jun 16, 2026
CVE-2011-1503
CVE-2011-1503
Description
The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat or Oracle GlassFish is used, allows remote authenticated users to read arbitrary (1) XSL and (2) XML files via a file:/// URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <6.0.6
Patches
Vulnerability mechanics
References
5- issues.liferay.com/browse/LPS-13762nvdIssue TrackingVendor Advisory
- issues.liferay.com/secure/ReleaseNote.jspanvdIssue TrackingRelease NotesVendor Advisory
- openwall.com/lists/oss-security/2011/03/29/1nvdMailing ListThird Party Advisory
- openwall.com/lists/oss-security/2011/04/08/5nvdMailing ListThird Party Advisory
- openwall.com/lists/oss-security/2011/04/11/9nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.