4 matches found
Liferay Portal 7.4.3.50 < 7.4.3.51 XSS
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field. Not...
CVE-2023-33942
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
CVE-2023-33942
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
CVE-2023-33942
The CVE-2023-33942 entry describes a cross-site scripting (XSS) flaw in the Liferay Web Content Display widget’s article selector for Portal 7.4.3.50 and DXP 7.4 Update 50, where an attacker can inject arbitrary scripts via the Title field of a web content article. Affected product/versions: Life...