Description XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via an invalid portletId. Remediation References CVE-2017-12645 Related Vulnerabilities WordPress Plugin WordPress WP-Advanced-Search SQL Injection (3.3.6) CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32808) Apache Traffic Server Out-of-bounds Write Vulnerability (CVE-2021-35474) WordPress Plugin Integration for Contact Form 7 HubSpot Cross-Site Scripting (1.1.9) Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25631) Severity Medium Classification CVE-2017-12645 CWE-707 Tags Missing Update Known Vulnerabilities