Description
XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a crafted redirect field to modules/apps/foundation/frontend-js/frontend-js-spa-web/src/main/resources/META-INF/resources/init.jsp.
Remediation
References
Related Vulnerabilities
MySQL CVE-2012-3150 Vulnerability (CVE-2012-3150)
MySQL CVE-2012-3147 Vulnerability (CVE-2012-3147)
WordPress Plugin Login Security Solution Multiple Unspecified Vulnerabilities (0.50.0)
WordPress Plugin Simple File List Arbitrary File Upload (4.2.2)
WordPress Plugin 123devis-affiliation Cross-Site Scripting (1.0.4)