Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the currentURL parameter on the Portal Workflow module's edit process page, which is accepted and rendered without sanitization. Details Cross-site scripting or XSS is a code vulnerability that occurs when a...

Liferay DXP 跨站脚本漏洞

Liferay DXP is a suite of digital experience collaboration platforms from US-based Liferay. A security vulnerability exists in Liferay DXP 7.0, which allows remote attackers to inject arbitrary web script or HTML via the currentURL parameter...

CVE-2013-7276

Cross-site scripting XSS vulnerability in inc/rafform.php in the Recommend to a friend plugin 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the currenturl parameter...