Description XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a login name, password, or e-mail address. Remediation References CVE-2017-12646 Related Vulnerabilities WebLogic CVE-2021-2397 Vulnerability (CVE-2021-2397) WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Multiple Vulnerabilities (2.5.0) Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6100) WordPress Plugin Monsters Editor for WP Super Edit Arbitrary File Upload (1.1) Internet Information Services Other Vulnerability (CVE-2006-0026) Severity Medium Classification CVE-2017-12646 CWE-707 Tags Missing Update Known Vulnerabilities