3 matches found
Liferay Portal Vulnerable to XSS via an Invalid portletId
XSS exists in Liferay Portal before 7.0 CE GA4 via an invalid portletId...
Cross-site Scripting (XSS)
Overview com.liferay.portal:com.liferay.portal.impl is a package part of Liferay. Affected versions of this package are vulnerable to Cross-site Scripting XSS via an invalid portletId. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicious...
CVE-2017-12645
XSS exists in Liferay Portal before 7.0 CE GA4 via an invalid portletId...