4 matches found
CVE-2025-43771
Multiple cross-site scripting XSS vulnerabilities in the Notifications widget in Liferay Portal 7.4.3.102 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5 and 2023.Q3.1 through 2023.Q3.10 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected in...
CVE-2025-43771
Multiple cross-site scripting XSS vulnerabilities in the Notifications widget in Liferay Portal 7.4.3.102 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5 and 2023.Q3.1 through 2023.Q3.10 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected in...
CVE-2025-43771
Multiple cross-site scripting XSS vulnerabilities in the Notifications widget in Liferay Portal 7.4.3.102 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5 and 2023.Q3.1 through 2023.Q3.10 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected in...
CVE-2025-43771
CVE-2025-43771 affects Liferay Portal/DXP: multiple XSS vulnerabilities in the Notifications widget (First/Middle/Last Name, Other Reason, or content name) across Liferay Portal 7.4.3.102–7.4.3.111 and Liferay DXP 2023.Q3.1–Q3.10, 2023.Q4.0–Q4.5. Root cause is improper input handling in the Notif...