Lucene search

BIT-liferay-2021-38265

🗓️ 31 Jan 2024 15:07:22Reported by GoogleType

osv🔗 osv.dev👁 8 Views

XSS vulnerability in Liferay Portal 7.3.4-7.3.6 allows remote script injection via _com_liferay_asset_list_web_portlet_AssetListPortlet_title

Reporter	Title	Published	Views	Family All 7
CNVD	Liferay Portal and Liferay DXP Cross-Site Scripting Vulnerability (CNVD-2022-19497)	4 Mar 202200:00	–	cnvd
Veracode	Cross-site Scripting (XSS)	4 Mar 202211:41	–	veracode
Prion	Cross site scripting	3 Mar 202200:15	–	prion
OSV	CVE-2021-38265	3 Mar 202200:15	–	osv
CVE	CVE-2021-38265	3 Mar 202200:15	–	cve
Cvelist	CVE-2021-38265	2 Mar 202223:03	–	cvelist
NVD	CVE-2021-38265	3 Mar 202200:15	–	nvd

Source	Link
liferay	www.liferay.com/
portal	www.portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38265-stored-xss-with-collection-name

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

31 Jan 2024 15:22Current

5.9Medium risk

Vulners AI Score5.9

CVSS35.4

EPSS0.00066