12 matches found
GHSA-44JG-JGJX-3XG5 Liferay Portal's Dynamic Data Mapping module's DDMForm and Liferay DXP vulnerable to stored Cross-site Scripting
Stored cross-site scripting XSS vulnerability in the Dynamic Data Mapping module's DDMForm in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users...
CVE-2024-25603
Stored cross-site scripting XSS vulnerability in the Dynamic Data Mapping module's DDMForm in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users...
CVE-2024-25603
Stored cross-site scripting XSS vulnerability in the Dynamic Data Mapping module's DDMForm in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users...
Cross site scripting
Stored cross-site scripting XSS vulnerability in the Dynamic Data Mapping module's DDMForm in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users...
Liferay Portal and Liferay DXP Security Vulnerabilities
Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...
GHSA-2H26-QFXM-R3PQ Code injection in PowerJob
PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...
Code injection in PowerJob
PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...
CVE-2023-37754
PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...
CVE-2023-37754
PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...
CVE-2023-37754
CVE-2023-37754 affects PowerJob v4.3.3. The vulnerability is a remote command execution (RCE) via the instanceId parameter in the /instance/detail endpoint. The root cause is improper validation/filtering of constructor commands in the instanceId input, enabling arbitrary code/command execution o...
CVE-2023-37754
PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...
CVE-2023-37754
PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...