[LPE-4977] XSS issue in the "Return to Full Page" link - Liferay Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 5.2 EE SP5 (5.2.9) , 6.0 EE SP1 (6.0.11)
Fix Version/s: 5.2 EE SP6 (5.2.10), 6.0 EE SP2 (6.0.12)
Component/s: Application Security, Themes
Labels:
None

Description

A cross site scripting (XSS) vulnerability exist with a portlet's "Return to Full Page" link. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.

Attachments

Issue Links

is related to

LPS-16963 XSS issue in "Return to Full Page" link

Closed

Activity

People

Assignee:

EE Support

Reporter:

Samuel Kong

Votes:

0 Vote for this issue

Watchers:

0 Start watching this issue

Dates

Created:

05/May/11 12:38 AM

Updated:

09/Dec/16 1:06 PM

Resolved:

05/May/11 12:40 AM

Packages

Version	Package
5.2 EE SP6 (5.2.10)
6.0 EE SP2 (6.0.12)