GHSA-893R-JR58-3HXR Liferay Portal Commerce Shop is vulnerable to Stored XSS through SVG file
There is a Stored Cross-Site Scripting XSS vulnerability in diagram type products in Commerce in Liferay Portal 7.4.3.18 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 18 through update 92. This vulnerability allows remote attackers to...