2 matches found
CVE-2021-38264
Cross-site scripting XSS vulnerability in the Frontend Taglib module in Liferay Portal 7.4.0 and 7.4.1 allows remote attackers to inject arbitrary web script or HTML into the management toolbar search via the keywords parameter. This issue is caused by an incomplete fix in CVE-2021-35463...
CVE-2021-38264
CVE-2021-38264 affects Liferay Portal’s Frontend Taglib module in versions 7.4.0 and 7.4.1 , enabling XSS via the management toolbar search keywords parameter . The issue stems from an incomplete fix in CVE-2021-35463. The Connected documents confirm the affected product/version and the underlyin...