Zurück zur CVE-Übersicht
CVE-2010-5327
MEDIUM(6.5)AV:N/AC:L/Au:S/C:P/I:P/A:P
Risk Signal Score17/100 — NIEDRIG
- CVSS 6.5 — Mittel
EPSS-Score
1%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
6.5
Technische Schwere
Beschreibung
Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template.
Referenzen
- https://dev.liferay.com/web/community-security-team/known-vulnerabilities
- https://dev.liferay.com/web/community-security-team/known-vulnerabilities/-/asse...
- https://github.com/liferay/liferay-portal/commit/90c4e85a8f8135f069f3f05e4d54a77...
- https://issues.liferay.com/browse/LPE-14964
- https://issues.liferay.com/browse/LPS-64547
- https://issues.liferay.com/browse/LPS-7087
- https://dev.liferay.com/web/community-security-team/known-vulnerabilities
- https://dev.liferay.com/web/community-security-team/known-vulnerabilities/-/asse...
- https://github.com/liferay/liferay-portal/commit/90c4e85a8f8135f069f3f05e4d54a77...
- https://issues.liferay.com/browse/LPE-14964