Description
A Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.3.2 through 7.4.3.16, and Liferay DXP 7.3 before update 6, and 7.4 before update 17 allows remote attackers to inject arbitrary web script or HTML.
Remediation
References
Related Vulnerabilities
MySQL CVE-2016-5634 Vulnerability (CVE-2016-5634)
WordPress Plugin WatuPRO SQL Injection (5.5.3.6)
WordPress Plugin Translate WordPress-Google Language Translator Cross-Site Scripting (4.0.9)
Joomla! Core Information Disclosure (1.5.0 - 3.7.5)
WordPress Plugin Knews Multilingual Newsletters Cross-Site Request Forgery (1.2.5)