HIGH
Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.
http://issues.liferay.com/browse/LPS-14726
http://issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952
http://openwall.com/lists/oss-security/2011/03/29/1
Source: MITRE
Published: 2011-05-07
Updated: 2011-05-31
Type: NVD-CWE-noinfo
Base Score: 9.3
Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Impact Score: 10
Exploitability Score: 8.6
Severity: HIGH