PT-2017-12626 · Liferay · Liferay Portal

Topolik

·

Published

2017-08-07

·

Updated

2022-05-17

·

CVE-2017-12647

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Liferay Portal versions prior to 7.0 CE GA4
Description A cross-site scripting issue exists, allowing potential exploitation via a Knowledge Base article title.
Recommendations For versions prior to 7.0 CE GA4, update to version 7.0 CE GA4 or later to resolve the issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2017-12647
GHSA-75X7-W445-5GWR

Affected Products

Liferay Portal