Description XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via an invalid portletId. Remediation References CVE-2017-12645 Related Vulnerabilities Magento Session Fixation Vulnerability (CVE-2019-7849) WordPress Plugin Wp2android-webapp native mobile app builder free (android, IOs, Winphone mobile App) Arbitrary File Upload (1.1.4) WordPress Plugin WordPress Popups for Marketing and Email Newsletters, Lead Generation and Conversions by OptinMonster Security Bypass (1.1.4.5) MySQL CVE-2023-22102 Vulnerability (CVE-2023-22102) MongoDb Other Vulnerability (CVE-2020-7928) Severity Medium Classification CVE-2017-12645 CWE-707 Tags Missing Update Known Vulnerabilities