CVE-2016-3670

MEDIUM

Liferay Portal < 6.2 - Stored Cross-Site Scripting via Profile Search FirstName Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-3670. PoCs published by Fernando Câmara.

AI-analyzed exploit summary This is a writeup detailing a stored XSS vulnerability in Liferay CE, where an attacker can inject malicious JavaScript into the FirstName field during user registration, which executes when another user searches for the profile.

Description

Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field.

Exploits (1)

exploitdb WRITEUP
by Fernando Câmara · textwebappsjsp
https://www.exploit-db.com/exploits/39880

This is a writeup detailing a stored XSS vulnerability in Liferay CE, where an attacker can inject malicious JavaScript into the FirstName field during user registration, which executes when another user searches for the profile.

Classification
Writeup 100%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Liferay CE < 6.2 GA6
No auth needed
Prerequisites: Access to user registration functionality
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Exploit exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/39880/
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2016/Jun/5
Vendor Advisory x_refsource_confirm
https://issues.liferay.com/browse/LPS-62387
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036083

Scores

CVSS v3 6.1
EPSS 0.0229
EPSS Percentile 81.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (2)
com.liferay/com.liferay.portal.search.web 0 - 1.0.3Maven
liferay/liferay_portal < 6.2
Published Jun 13, 2016
Tracked Since Feb 18, 2026