Description

XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a Knowledge Base article title.

Remediation

References

CVE-2017-12647

Related Vulnerabilities

WordPress Plugin Bind Users to Taxonomy Cross-Site Scripting (0.3)

Oracle JRE CVE-2014-0457 Vulnerability (CVE-2014-0457)

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0702)

WordPress Plugin AdRotate-Ad manager & AdSense Ads SQL Injection (5.2)

WordPress Plugin SFBrowser 'sfbrowser.php' Arbitrary File Upload (1.4.5)

Severity

Medium

Classification

CVE-2017-12647 CWE-707

Tags

Missing Update Known Vulnerabilities