Uploaded image for project: 'PUBLIC - Liferay Portal Enterprise Edition'
  1. PUBLIC - Liferay Portal Enterprise Edition
  2. LPE-13168

Stored XSS with page names in Site Map portlet

Details

    Description

      A stored cross site scripting (XSS) vulnerability exist with page names in the Site Map portlet. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.

      Attachments

        Issue Links

          Activity

            People

              jonathan.mccann Jonathan McCann
              john.zhao John Zhao (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Packages

                  Version Package
                  6.2.X EE