7703 matches found
CVE-2025-62265
Cross-site scripting XSS vulnerability in the Blogs widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 36, and older unsupported versions allow...
CVE-2025-50574
Cross-site scripting XSS vulnerability in blog-details.php in Hiruna Gallage's Glamour Salon Management System v1 allows remote attackers to inject arbitrary web script or HTML via the blog comment section parameter...
EUVD-2025-37203
Cross-site scripting XSS vulnerability in the Blogs widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 36, and older unsupported versions allow...
GHSA-56JV-4WW3-65MW Liferay Portal is vulnerable to XSS in the Blogs widget
Cross-site scripting XSS vulnerability in the Blogs widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 36, and older unsupported versions allow...
CVE-2025-62265
Cross-site scripting XSS vulnerability in the Blogs widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 36, and older unsupported versions allow...
CVE-2025-62265
CVE-2025-62265 is an XSS vulnerability in the Blogs widget of Liferay Portal and Liferay DXP, exploitable via a crafted iframe injected into a blog entry’s Content text field. The issue stems from the Blogs widget not adding a sandbox attribute to iframe elements, allowing remote attackers to run...
CVE-2025-62265
Cross-site scripting XSS vulnerability in the Blogs widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 36, and older unsupported versions allow...
Malicious code in epic-blog-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de5261933fa561dedcb89fe55c6b41859e5b509696d851e692f37612199da591 The package epic-blog-frontend was found to contain malicious code...
Malicious code in epic-minimalist-blog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88594dc7418cc4928defaac06863881868aeaf3e78f9d9037cfd68bba955edee The package epic-minimalist-blog was found to contain malicious code...
Malicious code in epic-react-blog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f19ce3c8ab699f98d23829606fa5fa69c07ae86e6e23311aeabaeb64d757c477 The package epic-react-blog was found to contain malicious code...
Malicious code in epic-ue-blog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 368954b0aea9243621f7133508baad0f16f003a15909f5790eb11025dc7fe870 The package epic-ue-blog was found to contain malicious code...
EUVD-2025-37129
Malicious code in epic-minimalist-blog npm...
EUVD-2025-37114
Malicious code in epic-react-blog npm...
EUVD-2025-37174
Malicious code in epic-blog-frontend npm...
EUVD-2025-37093
Malicious code in epic-ue-blog npm...
EUVD-2025-37127
Malicious code in epic-node-blog npm...
Malicious code in epic-node-blog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4207720525d69e9c09afb392295f1566d480abc128a98065be73bb7044e93291 The package epic-node-blog was found to contain malicious code...
MAL-2025-49119 Malicious code in epic-blog-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de5261933fa561dedcb89fe55c6b41859e5b509696d851e692f37612199da591 The package epic-blog-frontend was found to contain malicious code...
MAL-2025-49179 Malicious code in epic-react-blog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f19ce3c8ab699f98d23829606fa5fa69c07ae86e6e23311aeabaeb64d757c477 The package epic-react-blog was found to contain malicious code...
MAL-2025-49164 Malicious code in epic-minimalist-blog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88594dc7418cc4928defaac06863881868aeaf3e78f9d9037cfd68bba955edee The package epic-minimalist-blog was found to contain malicious code...