CVE-2022-42111
CVE-2022-42111 is an XSS flaw in the Sharing module’s user notification in Liferay Portal 7.2.1–7.4.2 and Liferay DXP 7.2 (pre-FP19) and 7.3 (pre-Update 4). A crafted asset sharing payload enables remote script/HTML injection. Affected components: Sharing module, user notification; root cause: im...