2 matches found
CVE-2017-12649
XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted title or summary that is mishandled in the Web Content Display...
CVE-2017-12649
CVE-2017-12649 describes an XSS vulnerability in Liferay Portal prior to 7.0 CE GA4, triggered by a crafted title or summary that is mishandled in the Web Content Display. The issue targets the Web Content Display path, with the root cause being improper handling of title/summary values in asset ...