EUVD-2005-3510

Malware in sbrugna...

Cross-Site Scripting (Reflected XSS)

Liferay Portal is vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is due to improper input sanitization in entrycoverimagecaption.jsp within the Blogs module, which allows a remote unauthenticated attacker to inject malicious JavaScript and execute it in a victim’s browser...

CVE-2021-38267

Cross-site scripting XSS vulnerability in the Blogs module's edit blog entry page in Liferay Portal 7.3.2 through 7.3.6, and Liferay DXP 7.3 before fix pack 2 allows remote attackers to inject arbitrary web script or HTML via the comliferayblogswebportletBlogsAdminPortlettitle and...

BIT-LIFERAY-2021-38267

Cross-site scripting XSS vulnerability in the Blogs module's edit blog entry page in Liferay Portal 7.3.2 through 7.3.6, and Liferay DXP 7.3 before fix pack 2 allows remote attackers to inject arbitrary web script or HTML via the comliferayblogswebportletBlogsAdminPortlettitle and...

Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) in edit blog entry page

Cross-site scripting XSS vulnerability in the Blogs module's edit blog entry page in Liferay Portal 7.3.2 through 7.3.6, and Liferay DXP 7.3 before fix pack 2 allows remote attackers to inject arbitrary web script or HTML via the comliferayblogswebportletBlogsAdminPortlettitle and...

CVE-2021-38267

CVE-2021-38267 is a Cross-site Scripting (XSS) vulnerability disclosed for the Blogs module in Liferay Portal 7.3.2–7.3.6 and Liferay DXP 7.3 before fix pack 2. The issue enables remote attackers to inject arbitrary web script or HTML via the _com_liferay_blogs_web_portlet_BlogsAdminPortlet_title...