Reflected cross-site scripting (XSS) vulnerability on a content page’s edit page in Liferay Portal 7.4.3.94 through 7.4.3.95 allows remote attackers to inject arbitrary web script or HTML via the p_l_back_url_title
parameter.
CPE | Name | Operator | Version |
---|---|---|---|
liferay_portal | ge | 7.4.3.94 | |
liferay_portal | le | 7.4.3.95 |