com.liferay.oauth2.provider.service is vulnerable to Cross-site Scripting (XSS). The vulnerability exists in the OAuth 2.0 module’s `OAuth2ProviderApplicationRedirect` class in the library, which allows an attacker to inject and execute malicious web script or HTML via the `code` or `error` parameters.Read More