Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27343 of 28407

CVE-2017-12649

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted title or summary that is mishandled in the Web Content Display.

CVE-2017-12567

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

SQL injection exists in Quest KACE Asset Management Appliance 6.4.120822 through 7.2, Systems Management Appliance 6.4.120822 through 7.2.101, and K1000 as a Service 7.0 through 7.2.

CVE-2017-12647

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base article title.

CVE-2017-12645

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

XSS exists in Liferay Portal before 7.0 CE GA4 via an invalid portletId.

CVE-2017-12646

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

XSS exists in Liferay Portal before 7.0 CE GA4 via a login name, password, or e-mail address.

Author: Cyberthreat Blog

CVE-2017-12649

CVE-2017-12567

CVE-2017-12647

CVE-2017-12645

CVE-2017-12646