Description
Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to inject arbitrary web script or HTML via a message title, a different vulnerability than CVE-2004-2030.
Remediation
References
Related Vulnerabilities
WordPress Plugin Poll, Survey, Form & Quiz Maker by OpinionStage Unspecified Vulnerability (15.0.0)
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-49767)
WordPress Plugin WPeMatico RSS Feed Fetcher Cross-Site Scripting (2.3.7)
Oracle HTTP Server Inadequate Encryption Strength Vulnerability (CVE-2013-2566)
WordPress Plugin Blog Designer Cross-Site Scripting (1.8.11)