38 matches found
[SECURITY] Fedora 42 Update: qt5-qtgamepad-5.15.18-1.fc42
Qt Gamepad provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
EUVD-2017-4188
Malware in sbrugna...
[SECURITY] Fedora 42 Update: qt6-qtwebview-6.9.1-1.fc42
Qt WebView provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
CVE-2017-12649
XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted title or summary that is mishandled in the Web Content Display...
[SECURITY] Fedora 40 Update: qt5-qtgamepad-5.15.14-1.fc40
Qt Gamepad provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
[SECURITY] Fedora 40 Update: qt6-qtwebview-6.7.1-1.fc40
Qt WebView provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
BIT-LIFERAY-2023-33942
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
Liferay Portal 7.4.3.50 < 7.4.3.51 XSS
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field. Not...
Cross-site scripting in Liferay Portal
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
GHSA-WV99-WMPF-JRQR Cross-site scripting in Liferay Portal
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
CVE-2023-33942
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
CVE-2023-33942
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
Cross site scripting
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
CVE-2023-33942
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
CVE-2023-33942
The CVE-2023-33942 entry describes a cross-site scripting (XSS) flaw in the Liferay Web Content Display widget’s article selector for Portal 7.4.3.50 and DXP 7.4 Update 50, where an attacker can inject arbitrary scripts via the Title field of a web content article. Affected product/versions: Life...
CVE-2023-33942
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
PT-2023-24584 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.3.50 Liferay DXP 7.4 update 50 Description: A cross-site scripting XSS issue exists in the Web Content Display widget's article selector, allowing remote attackers to inject arbitrary web script or HTML via a craft...
Liferay Portal Vulnerable to XSS via Mishandled Title or Summary in the Web Content Display
XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted title or summary that is mishandled in the Web Content Display...
GHSA-6Q67-5WVC-RMW9 Liferay Portal Vulnerable to XSS via Mishandled Title or Summary in the Web Content Display
XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted title or summary that is mishandled in the Web Content Display...
CVE-2022-26596
Cross-site scripting XSS vulnerability in Journal module's web content display configuration page in Liferay Portal 7.1.0 through 7.3.3, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 8, allows remote attackers to inject arbitrary web script or HTML via we...