3 matches found
CVE-2022-26593
Cross-site scripting XSS vulnerability in the Asset module's asset categories selector in Liferay Portal 7.3.3 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the name of a asset category...
CVE-2022-26593
CVE-2022-26593 is an XSS vulnerability affecting Liferay Portal/DXP: Asset module’s asset categories selector in Liferay Portal 7.3.3–7.4.0 and Liferay DXP 7.3 before SP3. The issue allows remote attackers to inject arbitrary web script/HTML via the name of an asset category. Root cause is a cros...
CVE-2022-26593
Cross-site scripting XSS vulnerability in the Asset module's asset categories selector in Liferay Portal 7.3.3 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the name of a asset category...