WEB APPLICATION VULNERABILITIES Standard & Premium

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12645)

Description

XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via an invalid portletId.

Remediation

References

Related Vulnerabilities

YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4111)

Joomla Cross-Site Request Forgery (CSRF) (CVE-2021-26033)

Joomla! Core 3.x.x SQL Injection (3.1.0 - 3.2.2)

Oracle Database Server CVE-2006-3699 Vulnerability (CVE-2006-3699)

IBM RTC CVE-2020-4964 Vulnerability (CVE-2020-4964)

Severity

Medium

Classification

CVE-2017-12645 CWE-707

Tags

Missing Update Known Vulnerabilities