Description
Cross-site scripting (XSS) vulnerability in the Redirect module's redirection administration page in Liferay Portal 7.3.2 through 7.3.5, and Liferay DXP 7.3 before fix pack 1 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_redirect_web_internal_portlet_RedirectPortlet_destinationURL parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sidebar Adder 2 Cross-Site Scripting (2.0.0)
WordPress Plugin Redirection Cross-Site Request Forgery (1.1.3)
Oracle JRE CVE-2014-0460 Vulnerability (CVE-2014-0460)
WordPress 5.4.x Prototype Pollution (5.4 - 5.4.9)
WordPress Plugin Ultimate WordPress Auction Cross-Site Request Forgery (1.0.0)