1. Create a data definition and select "to DO " in Data Definition (Required) field and click "SAVE"
2. Go To Actions and open Spreadsheet view then a screen with Excel like view opens and
3.Click on Assigned To and give the payload as "><img src=x onerror=alert('XSS');> and XSS Executes it seems to be persistent and most dangerous as it keeps on executing as an when I go to that DDL post
4.Drop the portlet on the page with corresponding XSS DDL and in the page XSS executes