-
Type:
Bug
-
Status: Closed
-
Resolution: Fixed
-
Affects Version/s: 5.2.3, 5.2.9 EE, 6.0.6 GA
-
Fix Version/s: 5.2.X EE, --Sprint - SP, 6.0.12 EE, 6.1.0 CE RC1
-
Component/s: Accessibility, Polls, Security Vulnerability, ~ [Archived] Social Networking
-
Labels:
-
Environment:Tomcat 6.29 + MySQL 5.0. FireFox 4.0. 5.2.x Revision 77791.
Tomcat 6.29 + MySQL 5.0. FireFox 4.0. 6.0.x Revision 77791.
Tomcat 6.29 + MySQL 5.0. FireFox 4.0. 6.1.x Revision 77791.
-
Branch Version/s:6.0.x, 5.2.x
-
Backported to Branch:Committed
XSS issues in Polls portlet.
Steps to reproduced the issues:
1. Start liferay and login.
2. Go to Control Panel => Polls.
3. Add a question, When add question in Choices input <script>alert("xss")</script>.
4. Then click save.
5. Click the question and select one and try click Vote button.
I upload an image can see the result.
- relates
-
LPE-4932 XSS Issue in the Polls portlet
-
- Closed
-