Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-6034

Malicious JavaScript can be inserted into the Plugins Configuration section of Control Panel

    Details

    • Branch Version/s:
      5.2.x, 5.1.x
    • Backported to Branch:
      Committed

      Description

      A cross site scripting (XSS) vulnerability exist which allow an attacker to insert malicious JavaScript into the Plugins Configuration section of Control Panel

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  9 years, 27 weeks, 4 days ago

                  Packages

                  Version Package
                  6.0.0 Preview