Description
XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a crafted redirect field to modules/apps/foundation/frontend-js/frontend-js-spa-web/src/main/resources/META-INF/resources/init.jsp.
Remediation
References
Related Vulnerabilities
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.16.65)
WordPress Plugin Ceceppa Multilingua Cross-Site Scripting (1.5.17)
OpenSSL Cryptographic Issues Vulnerability (CVE-2014-0076)
Oracle Application Server Other Vulnerability (CVE-2007-0222)
PostgreSQL Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-1115)