CVE-2010-5327
N/A
N/A
Summary
Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://issues.liferay.com/browse/LPS-7087
- https://issues.liferay.com/browse/LPE-14964
- https://dev.liferay.com/web/community-security-team/known-vulnerabilities
- https://github.com/liferay/liferay-portal/commit/90c4e85a8f8135f069f3f05e4d54a77704769f91
- https://dev.liferay.com/web/community-security-team/known-vulnerabilities/-/asset_publisher/4AHAYapUm8Xc/content/lps-64547-remote-code-execution-and-privilege-escalation-in-templates
- https://issues.liferay.com/browse/LPS-64547
References
- https://issues.liferay.com/browse/LPS-7087
- https://issues.liferay.com/browse/LPE-14964
- https://dev.liferay.com/web/community-security-team/known-vulnerabilities
- https://github.com/liferay/liferay-portal/commit/90c4e85a8f8135f069f3f05e4d54a77704769f91
- https://dev.liferay.com/web/community-security-team/known-vulnerabilities/-/asset_publisher/4AHAYapUm8Xc/content/lps-64547-remote-code-execution-and-privilege-escalation-in-templates
- https://issues.liferay.com/browse/LPS-64547
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.