Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Liferay Portal 7.1.0 - 7.2.1 XSS Vulnerability

🗓️ 04 Feb 2020 00:00:00Reported by Copyright (C) 2020 Greenbone Networks GmbHType 
openvas
 openvas🔗 plugins.openvas.org👁 40 Views

Liferay Portal 7.1.0 - 7.2.1 XSS Vulnerability, Authenticated Cross-Site Scripting, First Name, Middle Name, and Last Name fields, Persistent XSS issu

Show more

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
Refs
Code
ReporterTitlePublishedViews
Family
OSV		CVE-2020-7934
28 Jan 202014:15
osv
OSV		GHSA-F99H-H678-FGG4 Liferay Portal Vulnerable to Persistent Cross-Site Scripting (XSS) in MyAccountPortlet
24 May 202217:07
osv
CVE		CVE-2020-7934
28 Jan 202014:15
cve
Prion		Cross site scripting
28 Jan 202014:15
prion
Cvelist		CVE-2020-7934
28 Jan 202013:03
cvelist
NVD		CVE-2020-7934
28 Jan 202014:15
nvd
GithubExploit		Exploit for Cross-site Scripting in Liferay Liferay Portal
17 Oct 201922:09
githubexploit
Packet Storm		LifeRay 7.2.1 GA2 Cross Site Scripting
23 Nov 202000:00
packetstorm
Github Security Blog		Liferay Portal Vulnerable to Persistent Cross-Site Scripting (XSS) in MyAccountPortlet
24 May 202217:07
github
Exploit DB		LifeRay 7.2.1 GA2 - Stored XSS
23 Nov 202000:00
exploitdb
Rows per page
# Copyright (C) 2020 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

CPE = "cpe:/a:liferay:liferay_portal";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.143436");
  script_version("2021-07-13T02:01:14+0000");
  script_tag(name:"last_modification", value:"2021-07-13 02:01:14 +0000 (Tue, 13 Jul 2021)");
  script_tag(name:"creation_date", value:"2020-02-04 02:17:21 +0000 (Tue, 04 Feb 2020)");
  script_tag(name:"cvss_base", value:"3.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:N/I:P/A:N");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2020-11-23 18:15:00 +0000 (Mon, 23 Nov 2020)");

  script_cve_id("CVE-2020-7934");

  script_tag(name:"qod_type", value:"remote_banner");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("Liferay Portal 7.1.0 - 7.2.1 XSS Vulnerability");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2020 Greenbone Networks GmbH");
  script_family("Web application abuses");
  script_dependencies("gb_liferay_detect.nasl");
  script_mandatory_keys("liferay/detected");

  script_tag(name:"summary", value:"Liferay Portal is prone to an authenticated cross-site scripting vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"In LifeRay Portal CE the First Name, Middle Name, and Last Name fields for
  user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. Any user can modify these fields
  with a particular XSS payload, and it will be stored in the database. The payload will then be rendered when a
  user utilizes the search feature to search for other users (i.e., if a user with modified fields occurs in the
  search results).");

  script_tag(name:"affected", value:"Liferay Portal versions 7.1.0 - 7.2.1.");

  script_tag(name:"solution", value:"Update to version 7.3.0 or later.");

  script_xref(name:"URL", value:"https://semanticbits.com/liferay-portal-authenticated-xss-disclosure/");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if (!port = get_app_port(cpe: CPE))
  exit(0);

if (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))
  exit(0);

version = infos["version"];
location = infos["location"];

if (version_in_range(version: version, test_version: "7.1.0", test_version2: "7.2.1")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "7.3.0", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

exit(99);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
04 Feb 2020 00:00Current
5.2Medium risk
Vulners AI Score5.2
CVSS23.5
CVSS35.4
EPSS0.03401
liferay portalauthenticatedcross-site scriptingpersistentvulnerabilityuser accountssearch featureversion 7.1.0 - 7.2.1
40
.json
Report