Liferay Portal versions 7.3.4 to 7.4.3.68, Liferay DXP 7.3 before update 24, and Liferay DXP 7.4 before update 69 allow XSS via a crafted payload in a URL text field.
Reporter | Title | Published | Views | Family
---|---|---|---|---
OSV | CVE-2023-33944 | 24 May 2023 16:15 | – | osv
OSV | BIT-liferay-2023-33944 | 31 Jan 2024 15:18 | – | osv
OSV | Cross-site scripting in Liferay Portal | 24 May 2023 18:30 | – | osv
CVE | CVE-2023-33944 | 24 May 2023 16:15 | – | cve
Vulnrichment | CVE-2023-33944 | 24 May 2023 15:07 | – | vulnrichment
NVD | CVE-2023-33944 | 24 May 2023 16:15 | – | nvd
GitHub Security Blog | Cross-site scripting in Liferay Portal | 24 May 2023 18:30 | – | github
Veracode | Cross-site Scripting (XSS) | 14 Jun 2023 02:34 | – | veracode
Cvelist | CVE-2023-33944 | 24 May 2023 15:07 | – | cvelist
Prion | Cross site scripting | 24 May 2023 16:15 | – | prion
Source | Link |
---|---|
nessus | www.nessus.org/u |
cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
```nasl
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(176451);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/06/22");

  script_cve_id("CVE-2023-33944");
  script_xref(name:"IAVA", value:"2023-A-0267-S");

  script_name(english:"Liferay Portal 7.3.4 <= 7.3.7 / 7.4.0 < 7.4.3.69 XSS");

  script_set_attribute(attribute:"synopsis", value:
"An application running on a remote web server host is affected by a cross-site scripting vulnerability");
  script_set_attribute(attribute:"description", value:
"Cross-site scripting (XSS) vulnerability in Layout module in Liferay Portal 7.3.4 through 7.4.3.68, and Liferay DXP
7.3 before update 24, and 7.4 before update 69 allows remote attackers to inject arbitrary web script or HTML via a
crafted payload injected into a container type layout fragment's URL text field.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33944
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b4965245");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Liferay Portal 7.4.3.69 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-33944");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/05/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/05/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/29");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:liferay:liferay_portal");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses : XSS");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # The check depends on the Liferay detection plugin having already recorded an install.
  script_dependencies("liferay_detect.nasl");
  script_require_keys("installed_sw/liferay_portal");
  script_require_ports("Services/www", 8080);

  exit(0);
}

include('http.inc');
include('vcf.inc');

var port = get_http_port(default:8080);

# Pull the version the detection plugin recorded for the Liferay web app on this port.
var app_info = vcf::get_app_info(app:'liferay_portal', webapp:TRUE, port:port);

# Vulnerable ranges: 7.3.4 through 7.3.7 (no fixed build in the 7.3 line, so the
# 7.4.3.69 upgrade is displayed), and 7.4.0 up to but not including 7.4.3.69.
var constraints = [
  { 'min_version' : '7.3.4', 'max_version' : '7.3.7', 'fixed_display' : '7.4.3.69' },
  { 'min_version' : '7.4.0', 'fixed_version' : '7.4.3.69' }
];

# Version-only check: reports a warning-severity XSS finding without sending any payload.
vcf::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_WARNING,
  flags:{'xss':TRUE}
);
```
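The plugin above is a pure version check: it never sends a payload, it only compares the self-reported Liferay version against the two constraint ranges. The following Python is an added example, not Tenable's or Vulners' code, that reproduces that range logic so the same triage can be run offline against an asset inventory. The constraint list mirrors the plugin's; the inventory, the host names and the zero-padding comparison rule are constructed assumptions for this illustration.

```python
"""Offline version-range triage for CVE-2023-33944 (added example, not Tenable code)."""
from typing import Optional

# Mirrors the plugin's constraints: 7.3.4..7.3.7 inclusive (no fixed 7.3 build, so the
# 7.4.3.69 upgrade is displayed) and 7.4.0 up to, not including, the fixed 7.4.3.69.
CONSTRAINTS = [
    {"min_version": "7.3.4", "max_version": "7.3.7", "fixed_display": "7.4.3.69"},
    {"min_version": "7.4.0", "fixed_version": "7.4.3.69"},
]

# Constructed sample inventory: (host, Liferay Portal version reported by the detector).
INVENTORY = [
    ("portal-a.example", "7.3.5"),
    ("portal-b.example", "7.4.3.68"),
    ("portal-c.example", "7.4.3.69"),
    ("portal-d.example", "7.3.3"),
]


def parse_version(v: str) -> tuple:
    """Split a dotted version into an integer tuple: '7.4.3.68' -> (7, 4, 3, 68)."""
    return tuple(int(p) for p in v.strip().split("."))


def _cmp(a: tuple, b: tuple) -> int:
    """Compare version tuples; the shorter one is zero-padded (assumption: '7.3' == '7.3.0')."""
    n = max(len(a), len(b))
    a, b = a + (0,) * (n - len(a)), b + (0,) * (n - len(b))
    return (a > b) - (a < b)


def check_version(version: str, constraints=CONSTRAINTS) -> Optional[str]:
    """Return the version to upgrade to if `version` is in a vulnerable range, else None.

    A constraint matches when version >= min_version, version <= max_version (if given)
    and version < fixed_version (if given), which is how the plugin's ranges read.
    """
    v = parse_version(version)
    for c in constraints:
        if _cmp(v, parse_version(c["min_version"])) < 0:
            continue
        if "max_version" in c and _cmp(v, parse_version(c["max_version"])) > 0:
            continue
        if "fixed_version" in c and _cmp(v, parse_version(c["fixed_version"])) >= 0:
            continue
        return c.get("fixed_display") or c["fixed_version"]
    return None


def scan(inventory=INVENTORY) -> list:
    """Return [(host, version, upgrade_to)] for every inventory entry in a vulnerable range."""
    findings = []
    for host, version in inventory:
        fixed = check_version(version)
        if fixed is not None:
            findings.append((host, version, fixed))
    return findings


if __name__ == "__main__":
    for host, version, fixed in scan():
        print(f"{host}: Liferay Portal {version} in CVE-2023-33944 range; upgrade to {fixed}")
```

Like the plugin, this is a version-only check, so an install patched out of band but still reporting an affected version will be flagged and one that hides its version will be missed; treat it as a triage list, not proof of exploitability.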