WEB APPLICATION VULNERABILITIES Standard & Premium

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12648)

Description

XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a bookmark URL.

Remediation

References

Related Vulnerabilities

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22875)

Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3298)

WordPress Plugin Caldera Forms-More Than Contact Forms Arbitrary File Disclosure (1.8.1)

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39413)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0287)

Severity

Medium

Classification

CVE-2017-12648 CWE-707

Tags

Missing Update Known Vulnerabilities