{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T12:31:39.198","vulnerabilities":[{"cve":{"id":"CVE-2011-1504","sourceIdentifier":"secalert@redhat.com","published":"2011-05-07T19:55:01.027","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title."},{"lang":"es","value":"Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Liferay Portal Community Edition (CE) v5.x  y v6.x anterior a v6.0.6 GA permite a atacantes remotos autenticados inyectar secuencias de comandos web o HTML a través del título blog."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:5.0.0:rc:community:*:*:*:*:*","matchCriteriaId":"86AD6094-E4EB-475E-A374-978CD00AA5AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:5.0.1:rc:community:*:*:*:*:*","matchCriteriaId":"2A014F89-F957-488F-9FF4-67F9EE9EE4A8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:5.1.0:*:community:*:*:*:*:*","matchCriteriaId":"3263932E-3A41-41E3-9F77-73FC51B213C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:5.1.1:*:community:*:*:*:*:*","matchCriteriaId":"B16B7BDA-AAE9-4833-91E6-587DAC61E5CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:5.1.2:*:community:*:*:*:*:*","matchCriteriaId":"F6E3F406-1FE1-4321-9273-1F017648A7E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:5.2.0:*:community:*:*:*:*:*","matchCriteriaId":"82F1E696-9040-4D4A-BA99-E745EC085B9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:5.2.1:*:community:*:*:*:*:*","matchCriteriaId":"DFAADC3E-80FB-4135-B489-EC02A9A41382"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:5.2.2:*:community:*:*:*:*:*","matchCriteriaId":"65690437-8494-4D96-B2B2-99DCAD7A4688"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:5.2.3:*:community:*:*:*:*:*","matchCriteriaId":"E399C486-E3E1-4338-8D04-1D8263FD0DEF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:6.0.0:*:community:*:*:*:*:*","matchCriteriaId":"C4F553E6-7DFE-473D-8EBF-BBB85F013AD6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:6.0.1:*:community:*:*:*:*:*","matchCriteriaId":"BDBB1E2F-9F65-482A-8C85-1E2D9FD13DC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:6.0.2:*:community:*:*:*:*:*","matchCriteriaId":"B280448B-071C-4285-8E3B-45E5CAD397B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:6.0.3:*:community:*:*:*:*:*","matchCriteriaId":"D702FD60-1FDA-48D1-A534-2637B7F130E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:6.0.4:*:community:*:*:*:*:*","matchCriteriaId":"0CC37883-18D2-416B-B960-53EF92F3125E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:portal:6.0.5:*:community:*:*:*:*:*","matchCriteriaId":"C1782D8A-DC53-4639-8313-EA7715CADCBE"}]}]}],"references":[{"url":"http://issues.liferay.com/browse/LPS-11506","source":"secalert@redhat.com"},{"url":"http://issues.liferay.com/browse/LPS-12145","source":"secalert@redhat.com"},{"url":"http://issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952","source":"secalert@redhat.com"},{"url":"http://openwall.com/lists/oss-security/2011/03/29/1","source":"secalert@redhat.com"},{"url":"http://openwall.com/lists/oss-security/2011/04/08/5","source":"secalert@redhat.com"},{"url":"http://openwall.com/lists/oss-security/2011/04/11/9","source":"secalert@redhat.com"},{"url":"http://issues.liferay.com/browse/LPS-11506","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://issues.liferay.com/browse/LPS-12145","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://openwall.com/lists/oss-security/2011/03/29/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://openwall.com/lists/oss-security/2011/04/08/5","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://openwall.com/lists/oss-security/2011/04/11/9","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}