Description XSS exists in Liferay Portal before 7.0 CE GA4(7.0.3) via a bookmark URL. Remediation References CVE-2017-12648 Related Vulnerabilities WordPress Plugin W3 Total Cache Multiple Vulnerabilities (0.9.4) Drupal Incorrect Authorization Vulnerability (CVE-2022-25270) WordPress Plugin Easy Social Icons Multiple Vulnerabilities (1.2.3.1) Apache HTTP Server Improper Access Control Vulnerability (CVE-2016-4979) PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-4586) Severity Medium Classification CVE-2017-12648 CWE-707 Tags Missing Update Known Vulnerabilities