[LPS-61116] Stored XSS with user names in Social Networking Map - Liferay Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Resolution: Duplicate
Affects Version/s: 6.2.3 CE GA4
Fix Version/s: 6.2.3 CE GA4
Component/s: ~ [Archived] Social Networking
Labels:
None

Description

A stored cross-site scripting (XSS) vulnerability exist with user names in the Social Networking's Map portlet. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.

Attachments

Activity

People

Assignee:: Samuel Kong

Reporter:: Samuel Kong

Participants of an Issue:: Samuel Kong

Recent user:: Esther Sanz

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 08/Dec/15 3:12 PM

Updated:: 08/Dec/15 3:30 PM

Resolved:: 08/Dec/15 3:13 PM

Days since last comment:: 5 years, 8 weeks, 1 day ago

Packages

Version	Package
6.2.3 CE GA4