Description

XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via an invalid portletId.

Remediation

References

CVE-2017-12645

Related Vulnerabilities

WordPress Plugin WordPress Download Manager Cross-Site Scripting (3.2.21)

MySQL CVE-2021-35608 Vulnerability (CVE-2021-35608)

WordPress Plugin Rezgo Online Booking Cross-Site Scripting (4.1.7)

WordPress Plugin RentPress Cross-Site Scripting (6.6.4)

Apache HTTP Server CVE-2004-0751 Vulnerability (CVE-2004-0751)

Severity

Medium

Classification

CVE-2017-12645 CWE-707

Tags

Missing Update Known Vulnerabilities