Uploaded image for project: 'PUBLIC - Liferay Portal Enterprise Edition'
  1. PUBLIC - Liferay Portal Enterprise Edition
  2. LPE-3840

XSS issue in the Categories section of the Control Panel

    Details

      Description

      A cross site scripting (XSS) vulnerability exist with the adding of vocabularies and categories in the Categories section of the Control Panel. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              sophia.zhang Sophia Zhang
              Reporter:
              brian.chan Brian Chan
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Packages

                  Version Package
                  6.0 EE SP1 (6.0.11)