VYPR

Maven package

com.liferay.portal/portal-service

pkg:maven/com.liferay.portal/portal-service

Vulnerabilities (2)

  • CVE-2010-5327HigJan 13, 2017
    affected < 6.2.11fixed 6.2.11

    Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template.

  • CVE-2011-1571May 7, 2011
    affected >= 5.0.0, < 6.0.6-gafixed 6.0.6-ga

    Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.