Details

    • Type: Regression Bug
    • Status: Closed
    • Resolution: Fixed
    • Affects Version/s: 6.1.30 EE GA3, 6.1.X EE, 6.2.0 CE B1
    • Fix Version/s: 6.1.X EE, 6.2.0 CE B2
    • Component/s: Security Vulnerability
    • Environment:

      Description

      1. Finish LPS-37747 steps.
        1. Go to Control Panel/Wiki.
        2. Click Add Wiki button.
        3. Fill title: <script>alert("xss")</script>.
        4. Save
      2. Checkpoint: You should not see the XSS.
      3. Back to liferay.com.
      4. Add wiki portlet to new page.

      Expected result:
      Users should see the wiki portlet without any XSS.

      Actual result:
      XSS appear.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mark.jin Mark Jin (Inactive)
              Reporter:
              mark.jin Mark Jin (Inactive)
              Participants of an Issue:
              Recent user:
              Esther Sanz
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                7 years, 14 weeks, 5 days ago

                  Packages

                  Version Package
                  6.1.X EE
                  6.2.0 CE B2