Issue
- Persistent XSS vulnerability found in the Web Page builder.
Environment
- DXP 7.4
Resolution
- This is expected behavior, the HTML fragment does not provide any out-of-the-box sanitation, as it is expected that clients will allow only advanced roles to use it, and clients can restrict its access through configuring the Master page to not allow its usage.
Conteúdo Excluesivo para Assinantes
Uma Subscrição do Liferay Enterprise fornece acesso a mais de 1.500 artigos que incluem práticas recomendadas, solução de problemas e outras soluções valiosas. Faça login para obter acesso completo.
Entrar