Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the comliferaylayoutadminwebportletGroupPagesPortletbackURLTitle parameter on the page configuration page. An attacker can execute arbitrary web script or HTML in the context of a user's browser by tricking ...