Liferay Portal and Liferay DXP are both products of Liferay, a J2EE-based portal solution that uses EJB and JMS technologies and serves as a web publishing and shared workspace, enterprise collaboration platform, social network, etc. Liferay DXP is a digital experience collaboration platform. Liferay Portal and Liferay DXP are cross-site scripting vulnerabilities that can be exploited by remote attackers to inject arbitrary Web script or HTML through the output of Gogo Shell commands. injecting arbitrary Web script or HTML.