Cross-site Scripting (XSS)
com.liferay.layout.taglib is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the layout module, which allows an attacker to inject and execute malicious web script or HTML via a crafted payload into a container-type layout fragment's URL text field...