Lucene search
K

4 matches found

Snyk
Snyk
added 2025/09/30 12:30 a.m.1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the comliferaylayoutadminwebportletGroupPagesPortletbackURLTitle parameter on the page configuration page. An attacker can execute arbitrary web script or HTML in the context of a user's browser by tricking ...

6.1CVSS5.3AI score0.00224EPSS
Exploits0References2
OSV
OSV
added 2025/09/30 12:30 a.m.6 views

GHSA-WMJX-XV9V-R89Q Liferay Portal vulnerable to reflected cross-site scripting on the page configuration page

Reflected cross-site scripting XSS vulnerability on the page configuration page in Liferay Portal 7.4.3.102 through 7.4.3.110, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, and 2023.Q3.5 allows remote attackers to inject arbitrary web script or HTML via the...

5.1CVSS5.8AI score0.00224EPSS
Exploits0References5
NVD
NVD
added 2025/09/29 10:15 p.m.8 views

CVE-2025-43815

Reflected cross-site scripting XSS vulnerability on the page configuration page in Liferay Portal 7.4.3.102 through 7.4.3.110, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, and 2023.Q3.5 allows remote attackers to inject arbitrary web script or HTML via the...

6.1CVSS0.00224EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/29 9:19 p.m.11 views

CVE-2025-43815

Reflected cross-site scripting XSS vulnerability on the page configuration page in Liferay Portal 7.4.3.102 through 7.4.3.110, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, and 2023.Q3.5 allows remote attackers to inject arbitrary web script or HTML via the...

5.1CVSS0.00224EPSS
Exploits0References1
Rows per page
Query Builder