Description

Cross-site scripting (XSS) vulnerability in Liferay Portal before 5.3.0 allows remote attackers to inject arbitrary web script or HTML via the p_p_id parameter.

Remediation

References

CVE-2009-3742

Related Vulnerabilities

Ruby on Rails Improper Input Validation Vulnerability (CVE-2014-0082)

WordPress Plugin WP Page Builder Cross-Site Scripting (1.2.8)

Joomla! Core 3.x.x SQL Injection (3.0.0 - 3.4.6)

MySQL Other Vulnerability (CVE-2006-4226)

WordPress 2.6.3 Cross-Site Scripting Vulnerability (0.6.2 - 2.6.3)

Severity

Medium

Classification

CVE-2009-3742 CWE-707

Tags

Missing Update Known Vulnerabilities