4 matches found
CVE-2023-47795
Stored cross-site scripting XSS vulnerability in the Document and Media widget in Liferay Portal 7.4.3.18 through 7.4.3.101, and Liferay DXP 2023.Q3 before patch 6, and 7.4 update 18 through 92 allows remote authenticated users to inject arbitrary web script or HTML via a crafted payload injected...
CVE-2023-47795
Stored cross-site scripting XSS vulnerability in the Document and Media widget in Liferay Portal 7.4.3.18 through 7.4.3.101, and Liferay DXP 2023.Q3 before patch 6, and 7.4 update 18 through 92 allows remote authenticated users to inject arbitrary web script or HTML via a crafted payload injected...
CVE-2023-47795
Summary: CVE-2023-47795 is a stored XSS vulnerability in the Document and Media widget of Liferay Portal 7.4.x (7.4.3.18–7.4.3.101) and Liferay DXP 2023.Q3 before patch 6, and in 7.4 update 18–92. The issue allows remote authenticated users to inject arbitrary script/HTML via crafting payloads in...
CVE-2023-47795
Stored cross-site scripting XSS vulnerability in the Document and Media widget in Liferay Portal 7.4.3.18 through 7.4.3.101, and Liferay DXP 2023.Q3 before patch 6, and 7.4 update 18 through 92 allows remote authenticated users to inject arbitrary web script or HTML via a crafted payload injected...