Reflected Cross-Site Scripting (Reflected XSS)

Liferay Portal is vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is due to improper input validation in the frontend-editor-ckeditor-web/ckeditor/samples/old/ajax.html path, which allows a remote unauthenticated attacker to inject and execute arbitrary JavaScript in the...

DEBIAN-CVE-2023-4771

A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information...