-
Type:
Bug
-
Status: Closed
-
Resolution: Won't Fix
-
Affects Version/s: 6.1.1 CE GA2
-
Component/s: Dev Tools, Dev Tools > Plugins SDK
-
Labels:
How to prevent the XSS vulnerability in Liferay 6.1.0?
While using our customized registration portlet - we have submit the form - but default quetystring like p_p_id ,p_p_view would visible to the user. If the user will give the javascript tags in the param value to the p_p_view , it accepts the param.
how to solve the issue?