5 matches found
CVE-2021-33328
Cross-site scripting XSS vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the 1...
CVE-2021-33328
Cross-site scripting XSS vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the 1...
CVE-2021-33328
Cross-site scripting XSS vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the 1...
CVE-2021-33328
CVE-2021-33328 is a cross-site scripting (XSS) vulnerability in the Liferay Portal/DXP Asset module, affecting the edit vocabulary page. The issue can be triggered via two parameters: “_com_liferay_journal_web_portlet_JournalPortlet_name” and “_com_liferay_document_library_web_portlet_DLAdminPor...
CVE-2021-33328
Cross-site scripting XSS vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the 1...