CST-7017 Multiple XSS vulnerabilities in 7.0 CE GA3

Description

Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML into a page.

Severity

Severity 2

Fixed Version(s)

Acknowledgments

Some vulnerabilities reported by Craig Young and Juho Nurminen

Publication date: Mon, 26 Jun 2017 09:00:00 +0000

Security advisories for Liferay's enterprise offerings (e.g., Liferay DXP) are only listed here since 2023. Historial advisories are availabe in the Help Center.