Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: CMS / Portals :: tb13608.htm

Liferay Enterprise Portal multiple XSS



Liferay Enterprise Portal multiple XSS
Liferay Enterprise Portal multiple XSS



Vendor Site: Liferay.net=0D
Version affected: Liferay Enterprise Portal 4.3.1 =0D
Demo:http://www.liferay.net/c/portal/login?tabs1=forgot-password=0D 
Class: Input Validation Error=0D
=0D
Overview: Liferay fails to sufficiently sanitize user-supplied input data in "email address" text box by pressing the "Send New Password" button.=0D
=0D
Examples:=0D
1.">=0D
2.XSS=0D
3.">

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH