Description
In Liferay Portal 6.1.0, the tags section has XSS via a Public Render Parameter (p_r_p) value, as demonstrated by p_r_p_564233524_tag.
Remediation
References
Related Vulnerabilities
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-5190)
WordPress Plugin Flipbox-Awesomes Flip Boxes Image Overlay Security Bypass (2.6.0)
WordPress Plugin Import Legacy Media Cross-Site Scripting (0.1)
Invision Power Board version 3.3.4 unserialize PHP code execution