[LPE-3840] XSS issue in the Categories section of the Control Panel - Liferay Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 6.0 EE (6.0.10)
Fix Version/s: 6.0 EE SP1 (6.0.11)
Component/s: Application Security, Legacy > Control Panel menu
Labels:
None

Description

A cross site scripting (XSS) vulnerability exist with the adding of vocabularies and categories in the Categories section of the Control Panel. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.

Attachments

Issue Links

is related to

LPS-14036 Persistent XSS vulnerability in Categories portlet

Closed

Activity

People

Assignee:: Sophia Zhang

Reporter:: Brian Chan

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 26/Nov/10 6:56 AM

Updated:: 09/Dec/16 12:58 PM

Resolved:: 27/Dec/10 11:28 PM

Packages

Version	Package
6.0 EE SP1 (6.0.11)