CVE-2017-12647
CVE-2017-12647 concerns a cross-site scripting (XSS) vulnerability in Liferay Portal prior to 7.0 CE GA4. The issue affects the com.liferay.knowledge.base.service component and arises from inadequate sanitization of user-supplied input (notably Knowledge Base article titles), enabling an attacker...