Description

XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via an invalid portletId.

Remediation

References

CVE-2017-12645

Related Vulnerabilities

Joomla! Core Multiple Cross-Site Scripting Vulnerabilities (1.5.0 - 3.8.7)

WordPress Plugin Dokan-Best WooCommerce Multivendor Marketplace Solution-Build Your Own Amazon, eBay, Etsy Cross-Site Request Forgery (3.0.8)

TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-12747)

WordPress Plugin Front End Upload Arbitrary File Upload (0.5.4.4)

WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Security Bypass (2.0.15)

Severity

Medium

Classification

CVE-2017-12645 CWE-707

Tags

Missing Update Known Vulnerabilities