Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12646)

Description

XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a login name, password, or e-mail address.

Remediation

References

Related Vulnerabilities

MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5909)

WordPress Plugin Popups, Welcome Bar, Optins and Lead Generation-Icegram Cross-Site Scripting (2.0.2)

phpList Other Vulnerability (CVE-2006-5524)

Python Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20907)

Jenkins Other Vulnerability (CVE-2016-3726)

Severity

Medium

Classification

CVE-2017-12646 CWE-707

Tags

Missing Update Known Vulnerabilities