CVE-2007-6173

Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Enterprise Portal 4.3.1 allows remote attackers to inject arbitrary web script or HTML via the emailAddress parameter in a Send New Password action, a different vector than CVE-2007-6055. NOTE: some of these details are obtained from third party information.
Configurations

Configuration 1

cpe:2.3:a:liferay:liferay_enterprise_portal:4.3.1:*:*:*:*:*:*:*

Information

Published : 2007-11-30 12:46

Updated : 2018-10-15 09:50


NVD link : CVE-2007-6173

Mitre link : CVE-2007-6173

Products Affected
No products.
CWE