2 matches found
CVE-2014-2963
CVE-2014-2963 affects Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE. The vulnerability is a persistent cross-site scripting (XSS) in group/control_panel/manage, exploitable via the parameters _2_firstName, _2_lastName, or _2_middleName in the “my account area.” Impact described includes inf...
Liferay Portal PCE contains multiple cross-site scripting vulnerabilities
Overview Liferay Portal versions 6.1.2 CE GA3, 6.1.X EE, 6.2.X EE, Master contain multiple cross-site scripting vulnerabilities Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-2963Liferay is affected by a Persistent Cross Site...