Lucene search
PRIOn knowledge basePRION:CVE-2023-3193HistoryJun 15, 2023 - 4:15 a.m.
Cross site scripting
2023-06-1504:15:00
PRIOn knowledge base
www.prio-n.com
6
cross-site scripting
liferay portal
vulnerability
remote attackers
web script injection
html injection
0.001 Low
EPSS
Percentile
30.3%
Cross-site scripting (XSS) vulnerability in the Layout module’s SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.73, and Liferay DXP 7.4 update 70 through 73 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_backURL parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dxp | eq | 7.4 update-71 | |
| dxp | eq | 7.4 update-72 | |
| dxp | eq | 7.4 update-73 | |
| dxp | eq | 7.4 update-70 | |
| liferay_portal | ge | 7.4.3.70 | |
| liferay_portal | lt | 7.4.3.74 |
Related
nessus
nessus
Liferay DXP 7.4.13.70 < 7.4.13.74 XSS
2023-06-29 00:00:00
Liferay Portal CE 7.4.3.70 < 7.4.3.74 XSS
2023-06-22 00:00:00
cvelist
cvelist
CVE-2023-3193
2023-06-15 03:47:57
cve
cve
CVE-2023-3193
2023-06-15 04:15:34
nvd
nvd
CVE-2023-3193
2023-06-15 04:15:34
osv
osv
CVE-2023-3193
2023-06-15 04:15:34
veracode
veracode
Cross-site Scripting (XSS)
2023-06-29 07:35:44