CVE-2017-12647 — Cross-site Scripting in Portal

Severity

6.1MEDIUMNVD

EPSS

0.2%

top 51.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 7

Latest updateMay 17

Description

XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base article title.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

OSV

Liferay Portal Vulnerable to XSS via a Knowledge Base Article Title↗2022-05-17

▶

GHSA

Liferay Portal Vulnerable to XSS via a Knowledge Base Article Title↗2022-05-17

▶

CVEList

CVE-2017-12647: XSS exists in Liferay Portal before 7↗2017-08-07

▶