Unrated severityNVD Advisory· Published May 7, 2011· Updated Jun 16, 2026
CVE-2011-1570
CVE-2011-1570
Description
Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to inject arbitrary web script or HTML via a message title, a different vulnerability than CVE-2004-2030.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <6.0.6
Patches
Vulnerability mechanics
References
6- issues.liferay.com/browse/LPS-13250nvdExploitIssue TrackingVendor Advisory
- issues.liferay.com/browse/LPS-12628nvdIssue TrackingVendor Advisory
- issues.liferay.com/secure/ReleaseNote.jspanvdRelease NotesVendor Advisory
- openwall.com/lists/oss-security/2011/03/29/1nvdMailing ListThird Party Advisory
- openwall.com/lists/oss-security/2011/04/08/5nvdMailing ListThird Party Advisory
- openwall.com/lists/oss-security/2011/04/11/9nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.