CVE-2004-2030
published 2004-05-22CVE-2004-2030: Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for Liferay before 2.2.0 release 10/1/2004 allow remote attackers to inject arbitrary web…
PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
2.08%
79.2th percentile
Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for Liferay before 2.2.0 release 10/1/2004 allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the message subject.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| liferay | liferay_enterprise_portal | <= 2.1.1 | — |
| liferay | liferay_enterprise_portal | — | — |
| liferay | liferay_portal | 6.0.0 – 6.0.5 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gjpw-cmmh-976v: Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6
ghsa_unreviewed·2022-05-13·CVSS 4.3
CVE-2011-1570 [MEDIUM] CWE-79 GHSA-gjpw-cmmh-976v: Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6
Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to inject arbitrary web script or HTML via a message title, a different vulnerability than CVE-2004-2030.
GHSA
GHSA-xh4h-8w7q-32rw: Multiple cross-site scripting (XSS) vulnerabilities in index
ghsa_unreviewed·2022-04-29
CVE-2004-2030 [MEDIUM] CWE-79 GHSA-xh4h-8w7q-32rw: Multiple cross-site scripting (XSS) vulnerabilities in index
Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for Liferay before 2.2.0 release 10/1/2004 allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the message subject.
No detection rules found.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=108526683823840&w=2http://marc.info/?l=bugtraq&m=110141194202856&w=2http://secunia.com/advisories/11692http://securitytracker.com/id?1010259http://sourceforge.net/project/shownotes.php?release_id=252060http://www.osvdb.org/6346http://www.securityfocus.com/bid/10402https://exchange.xforce.ibmcloud.com/vulnerabilities/16232http://marc.info/?l=bugtraq&m=108526683823840&w=2http://marc.info/?l=bugtraq&m=110141194202856&w=2http://secunia.com/advisories/11692http://securitytracker.com/id?1010259http://sourceforge.net/project/shownotes.php?release_id=252060http://www.osvdb.org/6346http://www.securityfocus.com/bid/10402https://exchange.xforce.ibmcloud.com/vulnerabilities/16232
2004-05-22
Published