Description
Liferay Portal through v7.3.6 and Liferay DXP through v7.3 were discovered to contain a cross-site scripting (XSS) vulnerability via the Edit Blog Entry function under the Blog module.
Remediation
References
Related Vulnerabilities
Nginx Resource Management Errors Vulnerability (CVE-2016-0747)
Serendipity Other Vulnerability (CVE-2005-1451)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3727)
WordPress Plugin Fancy Product Designer-WooCommerce Arbitrary File Upload (4.5.1)
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3197)