Lucene search
K

4 matches found

NVD
NVD
added 2025/10/08 3:16 p.m.4 views

CVE-2025-43771

Multiple cross-site scripting XSS vulnerabilities in the Notifications widget in Liferay Portal 7.4.3.102 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5 and 2023.Q3.1 through 2023.Q3.10 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected in...

5.4CVSS0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/10/08 3:16 p.m.5 views

CVE-2025-43771

Multiple cross-site scripting XSS vulnerabilities in the Notifications widget in Liferay Portal 7.4.3.102 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5 and 2023.Q3.1 through 2023.Q3.10 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected in...

5.4CVSS5.6AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/08 2:13 p.m.8 views

CVE-2025-43771

Multiple cross-site scripting XSS vulnerabilities in the Notifications widget in Liferay Portal 7.4.3.102 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5 and 2023.Q3.1 through 2023.Q3.10 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected in...

4.8CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2025/10/08 2:13 p.m.14 views

CVE-2025-43771

CVE-2025-43771 affects Liferay Portal/DXP: multiple XSS vulnerabilities in the Notifications widget (First/Middle/Last Name, Other Reason, or content name) across Liferay Portal 7.4.3.102–7.4.3.111 and Liferay DXP 2023.Q3.1–Q3.10, 2023.Q4.0–Q4.5. Root cause is improper input handling in the Notif...

5.4CVSS5.4AI score0.00197EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder