EUVD-2025-33173

Cross-site scripting XSS vulnerability in the Commerce Product Comparison Table widget in Liferay Portal 7.4.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML v...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Commerce Product Comparison Table widget when user-supplied input is injected into the Name text field of a Commerce Product. An attacker can execute arbitrary web scripts in the context of the user's...

CVE-2025-43821

Cross-site scripting XSS vulnerability in the Commerce Product Comparison Table widget in Liferay Portal 7.4.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML v...

CVE-2025-43821

Cross-site scripting XSS vulnerability in the Commerce Product Comparison Table widget in Liferay Portal 7.4.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML v...

CVE-2025-43821

Cross-site scripting XSS vulnerability in the Commerce Product Comparison Table widget in Liferay Portal 7.4.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML v...

PT-2025-41253

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.0 through 7.4.3.111 Liferay DXP versions 2023.Q3.1 through 2023.Q3.8 Liferay DXP versions 2023.Q4.0 through 2023.Q4.5 Description A cross-site scripting XSS issue exists in the Commerce Product Comparison Table...

Liferay Portal和Liferay DXP 跨站脚本漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

WordPress Best Responsive Comparison Table for Gutenberg Editor – NicheTable plugin <= 2.2.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Best Responsive Comparison Table for Gutenberg Editor – NicheTable plugin versions = 2.2.0. Solution Update the WordPress Best Responsive Comparison Table for Gutenberg Editor – NicheTable plugin to th...

WordPress Best Responsive Comparison Table for Gutenberg Editor – NicheTable plugin <= 2.2.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Best Responsive Comparison Table for Gutenberg Editor – NicheTable plugin versions = 2.2.0. Solution Update the WordPress Best Responsive Comparison Table for Gutenberg Editor – NicheTable plugin to the latest available versio...