4 matches found
CVE-2022-42113
A Cross-site scripting XSS vulnerability in Document Library module in Liferay Portal 7.4.3.30 through 7.4.3.36, and Liferay DXP 7.4 update 30 through update 36 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...
com.liferay:com.liferay.document.library.layout.set.prototype (>=1.0.0 <=2.0.10), com.liferay:com.liferay.frontend.image.editor.integration.document.library (>=1.0.0 <=1.0.16) potentially affected by CVE-2022-42113 via com.liferay:com.liferay.document.library.web (=1.0.0)
com.liferay:com.liferay.document.library.web MAVEN version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on com.liferay:com.liferay.document.library.web and may be impacted: - com.liferay:com.liferay.document.library.layout.set.prototype =1.0.0,...
CVE-2022-42113
CVE-2022-42113 is a documented XSS vulnerability in the Document Library module affecting Liferay Portal 7.4.3.30–7.4.3.36 and Liferay DXP 7.4 update 30–36. The issue allows remote attackers to inject arbitrary web script or HTML via the redirect parameter. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:...
CVE-2022-42113
A Cross-site scripting XSS vulnerability in Document Library module in Liferay Portal 7.4.3.30 through 7.4.3.36, and Liferay DXP 7.4 update 30 through update 36 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...