Reflected Cross-site Scripting (XSS)
com.liferay, com.liferay.product.navigation.control.menu.web is vulnerable to reflected cross-site scripting XSS. The vulnerability is due to improper validation of the comliferaylayoutadminwebportletGroupPagesPortletbackURLTitle parameter, which allows an attacker to inject arbitrary web script ...