Description XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a bookmark URL. Remediation References CVE-2017-12648 Related Vulnerabilities MediaWiki Improper Input Validation Vulnerability (CVE-2011-1580) WordPress Plugin WP Debugging Security Bypass (2.10.2) Oracle HTTP Server CVE-2019-2751 Vulnerability (CVE-2019-2751) WordPress Plugin Email Users Cross-Site Request Forgery (4.8.3) WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management Information Disclosure (1.38.3.2) Severity Medium Classification CVE-2017-12648 CWE-707 Tags Missing Update Known Vulnerabilities