14 matches found
CVE-2025-62238
Stored cross-site scripting XSS vulnerability on the Membership page in Account Settings in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject...
Liferay Portal's Membership page is vulnerable to XSS through “name“ text field
Stored cross-site scripting XSS vulnerability on the Membership page in Account Settings in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject...
EUVD-2025-33720
Liferay Portal's Membership page is vulnerable to XSS through “name“ text field...
GHSA-XW6M-3M5Q-MXPM Liferay Portal's Membership page is vulnerable to XSS through “name“ text field
Stored cross-site scripting XSS vulnerability on the Membership page in Account Settings in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject...
CVE-2025-62238
Stored cross-site scripting XSS vulnerability on the Membership page in Account Settings in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject...
CVE-2025-62238
Stored cross-site scripting XSS vulnerability on the Membership page in Account Settings in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject...
CVE-2025-62238
Stored cross-site scripting XSS vulnerability on the Membership page in Account Settings in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject...
CVE-2025-62238
Stored cross-site scripting XSS vulnerability on the Membership page in Account Settings in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject...
CVE-2025-62238
CVE-2025-62238 is a stored XSS vulnerability affecting Liferay Portal 7.4.3.21–7.4.3.111 and Liferay DXP 2023.Q4.0–2023.Q4.5, plus 2023.Q3.1–2023.Q3.8 and 7.4 update 21–92. The issue occurs on the Membership page in Account Settings via the Account Name field, where insufficient input validation ...
PT-2025-41560
Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.3.21 through 7.4.3.111 Liferay DXP versions 2023.Q3.1 through 2023.Q3.8 Liferay DXP versions 2023.Q4.0 through 2023.Q4.5 Liferay Portal versions 7.4 update 21 through update 92 Description A stored cross-site...
PT-2022-19338 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.0.1 through 7.4.1 Liferay DXP 7.0 before fix pack 102 Liferay DXP 7.1 before fix pack 26 Liferay DXP 7.2 before fix pack 15 Liferay DXP 7.3 before service pack 3 Description: A stored cross-site scripting XSS issue i...
CVE-2018-17130
PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header,...
americanconsumercouncil.org XSS vulnerability
Open Bug Bounty ID: OBB-609376 Description| Value ---|--- Affected Website:| americanconsumercouncil.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
yellowpages.biz.pk XSS vulnerability
Vulnerable URL: http://www.yellowpages.biz.pk/membership.asp?fill=on=38%20=%20=0%20=%20=1"...