-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 5.1 EE SP5 (5.1.8), 5.2 EE SP4 (5.2.8) , 6.0 CE (6.0.5)
-
Fix Version/s: 5.1 EE SP5 (5.1.8), 5.2 EE SP4 (5.2.8) , 6.0 EE (6.0.10)
-
Component/s: Application Security, WCM > Navigation
-
Labels:None
A cross site scripting (XSS) vulnerability exist with the page titles and URL in the Navigation portlet. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.
- is related to
-
LPS-12272 Navigation portlet is vulnerable to XSS
- Closed