Medium severity6.1NVD Advisory· Published Aug 7, 2017· Updated Jun 17, 2026
CVE-2017-12647
CVE-2017-12647
Description
XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base article title.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.liferay.portal:release.portal.bomMaven | < 7.0.3-ga4 | 7.0.3-ga4 |
Affected products
2Patches
Vulnerability mechanics
References
9- dev.liferay.com/web/community-security-team/known-vulnerabilities/liferay-portal-70/-/asset_publisher/cjE0ourZXJZE/content/cst-7017-multiple-xss-vulnerabilitiesnvdIssue TrackingPatchVendor Advisory
- github.com/brianchandotcom/liferay-portal/pull/48901nvdIssue TrackingPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-75x7-w445-5gwrghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-12647ghsaADVISORY
- github.com/liferay/liferay-portal/commit/12c56b7f068416f02de56e29342b078d5d12b2b8ghsaWEB
- github.com/liferay/liferay-portal/commit/36b21590d1cac644864b10fbec02c2cac20098b3ghsaWEB
- github.com/liferay/liferay-portal/commit/461278bda30e7ec9e30270d0bbd70129383f7721ghsaWEB
- github.com/liferay/liferay-portal/commit/ef2ba080f53924d2437c021280f5ba70ba88c51dghsaWEB
- web.archive.org/web/20201101000000*/https://dev.liferay.com/web/community-security-team/known-vulnerabilities/liferay-portal-70/-/asset_publisher/cjE0ourZXJZE/content/cst-7017-multiple-xss-vulnerabilitiesghsaWEB
News mentions
0No linked articles in our index yet.