Description XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a bookmark URL. Remediation References CVE-2017-12648 Related Vulnerabilities WordPress Plugin XData Toolkit Arbitrary File Upload (1.9) WordPress Plugin Contextual Related Posts Cross-Site Request Forgery (1.8.6) Magento Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2019-8113) WordPress Plugin BitMonet Cross-Site Scripting (1.0) WordPress Plugin Software License Manager Cross-Site Request Forgery (4.4.5) Severity Medium Classification CVE-2017-12648 CWE-707 Tags Missing Update Known Vulnerabilities