Lucene search

K
cvelistMitreCVELIST:CVE-2016-3670
HistoryJun 13, 2016 - 2:00 p.m.

CVE-2016-3670

2016-06-1314:00:00
mitre
www.cve.org

0.088 Low

EPSS

Percentile

94.6%

Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field.