CVE-2023-44310

🗓️ 17 Oct 2023 09:28:17Reported by LiferayType

CVE-2023-44310 Stored XSS in Liferay Porta

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2023-44310	17 Oct 202314:32	–	circl
CNNVD	Liferay Portal and Liferay DXP Cross-Site Scripting Vulnerabilities	17 Oct 202300:00	–	cnnvd
Cvelist	CVE-2023-44310	17 Oct 202309:28	–	cvelist
EUVD	EUVD-2023-48666	3 Oct 202520:07	–	euvd
Github Security Blog	Liferay Portal and Liferay DXP Vulnerable to XSS via the Page Tree Menu	17 Oct 202312:30	–	github
NVD	CVE-2023-44310	17 Oct 202310:15	–	nvd
OSV	BIT-2023-44310	25 Oct 202306:20	–	osv
OSV	BIT-LIFERAY-2023-44310	31 Jan 202415:16	–	osv
OSV	CVE-2023-44310	17 Oct 202310:15	–	osv
OSV	GHSA-J5GV-W838-MMCX Liferay Portal and Liferay DXP Vulnerable to XSS via the Page Tree Menu	17 Oct 202312:30	–	osv

NVD

Vulners

Node

liferay digital_experience_platformMatch7.1fix_pack_1

liferay digital_experience_platformMatch7.1fix_pack_10

liferay digital_experience_platformMatch7.1fix_pack_11

liferay digital_experience_platformMatch7.1fix_pack_12

liferay digital_experience_platformMatch7.1fix_pack_13

liferay digital_experience_platformMatch7.1fix_pack_14

liferay digital_experience_platformMatch7.1fix_pack_15

liferay digital_experience_platformMatch7.1fix_pack_16

liferay digital_experience_platformMatch7.1fix_pack_17

liferay digital_experience_platformMatch7.1fix_pack_18

liferay digital_experience_platformMatch7.1fix_pack_19

liferay digital_experience_platformMatch7.1fix_pack_2

liferay digital_experience_platformMatch7.1fix_pack_20

liferay digital_experience_platformMatch7.1fix_pack_21

liferay digital_experience_platformMatch7.1fix_pack_22

liferay digital_experience_platformMatch7.1fix_pack_23

liferay digital_experience_platformMatch7.1fix_pack_3

liferay digital_experience_platformMatch7.1fix_pack_4

liferay digital_experience_platformMatch7.1fix_pack_5

liferay digital_experience_platformMatch7.1fix_pack_6

liferay digital_experience_platformMatch7.1fix_pack_7

liferay digital_experience_platformMatch7.1fix_pack_8

liferay digital_experience_platformMatch7.1fix_pack_9

liferay digital_experience_platformMatch7.4-

liferay digital_experience_platformMatch7.4update1

liferay digital_experience_platformMatch7.4update21

liferay digital_experience_platformMatch7.4update34

liferay digital_experience_platformMatch7.4update36

liferay digital_experience_platformMatch7.4update41

liferay digital_experience_platformMatch7.4update48

liferay digital_experience_platformMatch7.4update50

liferay digital_experience_platformMatch7.4update52

liferay digital_experience_platformMatch7.4update62

liferay digital_experience_platformMatch7.4update67

liferay digital_experience_platformMatch7.4update76

liferay liferay_portalRange7.3.6–7.4.3.49

[
  {
    "defaultStatus": "unaffected",
    "product": "DXP",
    "vendor": "Liferay",
    "versions": [
      {
        "lessThanOrEqual": "7.3.10.u23",
        "status": "affected",
        "version": "7.3.10.sp1",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "7.4.13.u78",
        "status": "affected",
        "version": "7.4.13",
        "versionType": "maven"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Portal",
    "vendor": "Liferay",
    "versions": [
      {
        "lessThanOrEqual": "7.4.3.78",
        "status": "affected",
        "version": "7.3.6",
        "versionType": "maven"
      }
    ]
  }
]

Source	Link
liferay	www.liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-44310

21 Nov 2024 08:25Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.15.4 - 9

EPSS0.00199

SSVC

CWE-79