Description

XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a bookmark URL.

Remediation

References

CVE-2017-12648

Related Vulnerabilities

WordPress Plugin iThemes Security (formerly Better WP Security) Security Bypass (5.3.0)

WordPress Plugin YOP Poll Multiple Cross-Site Scripting Vulnerabilities (4.9.1)

Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2011-3192)

Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8109)

Oracle Application Server Other Vulnerability (CVE-2002-1636)

Severity

Medium

Classification

CVE-2017-12648 CWE-707

Tags

Missing Update Known Vulnerabilities