0.001 Low
EPSS
Percentile
34.0%
com.liferay.journal.taglib is vulnerable to cross-site scripting (XSS). Lack of HTML encoding allows a remote attacker to inject arbitrary Javascript into a victim’s browser via the title of the journal.
github.com/liferay/liferay-portal/commit/7e063aed70f947a92bb43a4471e0c4e650fe8f7f