4 matches found
CVE-2023-33940
Cross-site scripting XSS vulnerability in IFrame type Remote Apps in Liferay Portal 7.4.0 through 7.4.3.30, and Liferay DXP 7.4 before update 31 allows remote attackers to inject arbitrary web script or HTML via the Remote App's IFrame URL...
CVE-2023-33940
Cross-site scripting XSS vulnerability in IFrame type Remote Apps in Liferay Portal 7.4.0 through 7.4.3.30, and Liferay DXP 7.4 before update 31 allows remote attackers to inject arbitrary web script or HTML via the Remote App's IFrame URL...
CVE-2023-33940
Cross-site scripting XSS vulnerability in IFrame type Remote Apps in Liferay Portal 7.4.0 through 7.4.3.30, and Liferay DXP 7.4 before update 31 allows remote attackers to inject arbitrary web script or HTML via the Remote App's IFrame URL...
CVE-2023-33940
CVE-2023-33940 affects Liferay Portal 7.4.0–7.4.3.30 and Liferay DXP 7.4 prior to update 31. The vulnerability is a cross-site scripting (XSS) flaw in the IFrame type Remote Apps, allowing an attacker to inject arbitrary script/HTML via the Remote App's IFrame URL. Mitigation: upgrade to Liferay ...