Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-61116

Stored XSS with user names in Social Networking Map

Details

    • Bug
    • Status: Closed
    • Resolution: Duplicate
    • 6.2.3 CE GA4
    • 6.2.3 CE GA4
    • Social Networking
    • None

    Description

      A stored cross-site scripting (XSS) vulnerability exist with user names in the Social Networking's Map portlet. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.

      Attachments

        Activity

          People

            samuel.kong Samuel Kong
            samuel.kong Samuel Kong
            Kiyoshi Lee Kiyoshi Lee
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              6 years, 43 weeks, 6 days ago

              Packages

                Version Package
                6.2.3 CE GA4