Liferay Portal version 6.2 EE SP13 suffers from an administrator-inflicted cross site scripting vulnerability.