1 matches found
Cross-site Scripting (XSS)
Liferay portal-impl is vulnerable to cross-site scripting XSS attacks. The library does not sanitize the portletID field when a portlet is deployed, allowing a malicious user to inject and execute arbitrary web script...