-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 5.2 EE SP5 (5.2.9) , 6.0 EE SP1 (6.0.11)
-
Fix Version/s: 5.2 EE SP6 (5.2.10), 6.0 EE SP2 (6.0.12)
-
Component/s: Application Security, Themes
-
Labels:None
A cross site scripting (XSS) vulnerability exist with a portlet's "Return to Full Page" link. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.
- is related to
-
LPS-16963 XSS issue in "Return to Full Page" link
- Closed