2 matches found
CVE-2022-28979
CVE-2022-28979 is an XSS vulnerability in the Portal Search module’s Custom Facet widget affecting Liferay Portal 7.1.0–7.4.2 and Liferay DXP 7.1 (before fix pack 26), 7.2 (before fix pack 15), and 7.3 (before service pack 3). The issue arises from the Custom Parameter Name field in the widget, a...
CVE-2022-28979
Liferay Portal v7.1.0 through v7.4.2 and Liferay DXP 7.1 before fix pack 26, 7.2 before fix pack 15, and 7.3 before service pack 3 was discovered to contain a cross-site scripting XSS vulnerability in the Portal Search module's Custom Facet widget. This vulnerability allows attackers to execute...