XSS issue in the Directory portlet
Affects versions
Fix versions
7.0 Fix Pack Version
None
7.1 Fix Pack Version
None
7.2 Fix Pack Version
None
7.3 Fix Pack Version
None
7.4 Fix Pack Version
None
CVE IDs
None
CVSS Base Score
None
CVSS Vector String
None
Labels
Description
is related to
Activity
Show:
Rafaela Nascimento
updated the LabelsDecember 21, 2022 at 11:37 AMNone
6.0_release_notes
Nicole
changed the StatusDecember 9, 2016 at 2:06 PMResolved
Closed
Nicole
updated the Security LevelDecember 9, 2016 at 2:06 PMPrivate
None
Randy Zhu
updated the WorkflowJune 17, 2013 at 5:20 PMLiferay Workflow 2.2
SHARED - Liferay Workflow 2.2
Mark Jin
changed the StatusJanuary 4, 2011 at 9:17 PMManual Testing
Resolved
Mark Jin
updated the ResolutionJanuary 4, 2011 at 9:17 PMNone
Fixed
Mark Jin
changed the AssigneeJanuary 4, 2011 at 8:09 PMSamuel Kong
Mark Jin
Michael Saechang
changed the StatusJanuary 4, 2011 at 3:27 PMIn Review
Manual Testing
Samuel Kong
changed the StatusDecember 28, 2010 at 12:39 AMIn Progress
In Review
Samuel Kong
changed the StatusDecember 28, 2010 at 12:39 AMOpen
In Progress
Samuel Kong
updated the ComponentsDecember 28, 2010 at 12:39 AMNone
Portlet - Directory
Samuel Kong
updated the DescriptionDecember 28, 2010 at 12:39 AMA cross site scripting (XSS) vulnerability exist with the user addresses page in the Control Panel. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.
A cross site scripting (XSS) vulnerability exist with the user addresses in the Directory portlet. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.
Samuel Kong
updated the SummaryDecember 28, 2010 at 12:39 AMXSS issue in the user addresses page in the Control Panel
XSS issue in the Directory portlet
Samuel Kong
updated the ComponentsDecember 28, 2010 at 12:39 AMControl Panel
None
Brian Chan
updated the Linked IssuesDecember 10, 2010 at 10:17 AMNone
This issue is related to LPS-11506
Brian Chan
created the IssueDecember 10, 2010 at 10:16 AMFixed
Pinned fields
Click on the next to a field label to start pinning.
Details
Details
Assignee
Mark Jin
Mark Jin(Deactivated)Reporter
Brian Chan
Brian ChanPriority
Zendesk Support
Linked Tickets
Zendesk Support

Linked Tickets
Created December 10, 2010 at 10:16 AM
Updated December 21, 2022 at 11:37 AM
Resolved January 4, 2011 at 9:17 PM
A cross site scripting (XSS) vulnerability exist with the user addresses in the Directory portlet. An attacker can potentially exploit this security vulnerability to insert malicious JavaScript into a page.