-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 5.1 EE SP2 (5.1.5), 5.2 EE (5.2.4)
-
Fix Version/s: 5.1 EE SP3 (5.1.6), 5.2 EE SP1 (5.2.5)
-
Component/s: Application Security, Polls
-
Labels:None
-
Environment:All
A cross site scripting (XSS) vulnerability exist in the Polls portlet which may allow an attacker to insert malicious JavaScript into a page.
- is related to
-
LPS-3861 Polls results are not escaped
- Closed