Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T00:03:34.472Z
Reserved: 2016-03-24T00:00:00
Link: CVE-2016-3670

No data.

Status : Deferred
Published: 2016-06-13T14:59:03.963
Modified: 2025-04-12T10:46:40.837
Link: CVE-2016-3670

No data.

No data.