2 matches found
CVE-2024-25145
Stored cross-site scripting XSS vulnerability in the Portal Search module's Search Result app in Liferay Portal 7.2.0 through 7.4.3.11, and older unsupported versions, and Liferay DXP 7.4 before update 8, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote...
CVE-2024-25145
CVE-2024-25145 describes a stored cross-site scripting (XSS) vulnerability in the Portal Search module’s Search Result app of Liferay Portal 7.2.0–7.4.3.11, and older unsupported versions, plus certain Liferay DXP builds. The issue allows remote authenticated users to inject arbitrary script/HTML...