3 matches found
CVE-2021-38267
Cross-site scripting XSS vulnerability in the Blogs module's edit blog entry page in Liferay Portal 7.3.2 through 7.3.6, and Liferay DXP 7.3 before fix pack 2 allows remote attackers to inject arbitrary web script or HTML via the comliferayblogswebportletBlogsAdminPortlettitle and...
CVE-2021-38267
Cross-site scripting XSS vulnerability in the Blogs module's edit blog entry page in Liferay Portal 7.3.2 through 7.3.6, and Liferay DXP 7.3 before fix pack 2 allows remote attackers to inject arbitrary web script or HTML via the comliferayblogswebportletBlogsAdminPortlettitle and...
CVE-2021-38267
CVE-2021-38267 is a Cross-site Scripting (XSS) vulnerability disclosed for the Blogs module in Liferay Portal 7.3.2–7.3.6 and Liferay DXP 7.3 before fix pack 2. The issue enables remote attackers to inject arbitrary web script or HTML via the _com_liferay_blogs_web_portlet_BlogsAdminPortlet_title...