Cross-site Scripting(XSS)

com.liferay.knowledge.base.service is vulnerable to cross-site scripting XSS. The vulnerability exists because it does not properly sanitize the user-provided parameters such as userId, allowing a remote attacker to inject arbitrary Javascript into the victim's browser...