Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12647)

Description

XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a Knowledge Base article title.

Remediation

References

Related Vulnerabilities

Oracle Database Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5498)

WordPress Plugin SPNbabble Cross-Site Request Forgery (1.4.1)

Contao Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10642)

WordPress Plugin ACF to REST API Information Disclosure (3.2.0)

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2661)

Severity

Medium

Classification

CVE-2017-12647 CWE-707

Tags

Missing Update Known Vulnerabilities