2 matches found
CVE-2023-47797
Reflected cross-site scripting XSS vulnerability on a content page’s edit page in Liferay Portal 7.4.3.94 through 7.4.3.95 allows remote attackers to inject arbitrary web script or HTML via the plbackurltitle parameter...
CVE-2023-47797
CVE-2023-47797 is a reflected XSS in Liferay Portal 7.4.3.94–7.4.3.95 on the content page edit view. The vulnerability allows an attacker to inject arbitrary script/HTML via the p_l_back_url_title parameter, due to insufficient input validation on the edit page. Impact is described variably acros...