WEB APPLICATION VULNERABILITIES Standard & Premium

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12647)

Description

XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a Knowledge Base article title.

Remediation

References

Related Vulnerabilities

MySQL CVE-2022-21286 Vulnerability (CVE-2022-21286)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4573)

WordPress Plugin WP Popup Lite-Responsive popup for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.0.8)

WordPress Plugin Under Construction Unspecified Vulnerability (3.25)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5447)

Severity

Medium

Classification

CVE-2017-12647 CWE-707

Tags

Missing Update Known Vulnerabilities