WEB APPLICATION VULNERABILITIES Standard & Premium

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12645)

Description

XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via an invalid portletId.

Remediation

References

Related Vulnerabilities

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.25)

WordPress Plugin FireStorm Shopping Cart eCommerce SQL Injection (2.07.02)

MySQL CVE-2022-21451 Vulnerability (CVE-2022-21451)

OpenSSL Out-of-bounds Read Vulnerability (CVE-2014-0160)

MySQL CVE-2021-2016 Vulnerability (CVE-2021-2016)

Severity

Medium

Classification

CVE-2017-12645 CWE-707

Tags

Missing Update Known Vulnerabilities