3 matches found
BIT-LIFERAY-2022-26593
Cross-site scripting XSS vulnerability in the Asset module's asset categories selector in Liferay Portal 7.3.3 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the name of a asset category...
GHSA-Q2RP-XFJ8-R95H Liferay Portal and Liferay DXP allows arbitrary injection via the name of an asset category
Cross-site scripting XSS vulnerability in the Asset module's asset categories selector before 6.1.0 in Liferay Portal 7.3.3 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the name of an asset category...
Cross site scripting
Cross-site scripting XSS vulnerability in the Asset module's asset categories selector in Liferay Portal 7.3.3 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the name of a asset category...