2 matches found
CVE-2023-42628
Stored cross-site scripting XSS vulnerability in the Wiki widget in Liferay Portal 7.1.0 through 7.4.3.87, and Liferay DXP 7.0 fix pack 83 through 102, 7.1 fix pack 28 and earlier, 7.2 fix pack 20 and earlier, 7.3 update 33 and earlier, and 7.4 before update 88 allows remote attackers to inject...
CVE-2023-42628
The CVE-2023-42628 entry describes a stored XSS vulnerability in the Wiki widget of Liferay Portal (7.1.0–7.4.3.87) and Liferay DXP (various fix packs/updates listed in the description) that allows remote attackers to inject script/HTML via a wiki page’s Content field. Affected pages include pare...