Cross-Site Scripting Vulnerabilities in Liferay Portal
CVE-2004-2030

Currently unrated

Key Information:

Vendor

Liferay
Status
Liferay Enterprise Portal
Vendor
CVE Published:
22 May 2004

What is CVE-2004-2030?

Liferay Portal versions prior to 2.2.0 are susceptible to multiple cross-site scripting (XSS) vulnerabilities in the index.jsp file. These flaws allow remote attackers to inject arbitrary web scripts or HTML into the application, potentially compromising user interaction and trust. The vulnerability can specifically be exploited through the message subject field, enabling attackers to craft malicious payloads that execute client-side scripts in the context of a victim’s browser session.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://marc.info/?l=bugtraq&m=110141194202856&w=2
mailing-listx_refsource_BUGTRAQ
http://securitytracker.com/id?1010259
vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/11692
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.