Lucene search
+L

9 matches found

nessus
nessus
added 2025/11/05 12:0 a.m.8 views

Liferay Portal 7.4.3.8 < 7.4.3.112 XSS

Reflected cross-site scripting XSS vulnerability in Language Override in Liferay Portal allows remote attackers to inject arbitrary web script or HTML via the comliferayportallanguageoverridewebinternalportletPLOPortletselectedLanguageId parameter. Note that Nessus has not tested for this issue b...

6.1CVSS5.4AI score0.00221EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/11/01 6:6 p.m.11 views

CVE-2025-62264

Reflected cross-site scripting XSS vulnerability in Languauge Override in Liferay Portal 7.4.3.8 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, and 7.4 update 4 through update 92 allows remote attackers to inject arbitrary web script or HTML via the...

6.1CVSS5.8AI score0.00221EPSS
Exploits0References1
snyk
snyk
added 2025/10/31 6:31 p.m.1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the selectedLanguageId parameter. An attacker can execute arbitrary web scripts or inject HTML by supplying crafted input to this parameter. Details Cross-site scripting or XSS is a code vulnerability that...

6.1CVSS5.5AI score0.00221EPSS
Exploits0References2
github
github
added 2025/10/31 6:31 p.m.9 views

Liferay Portal Vulnerable to Reflected XSS via the selectedLanguageId Parameter

Reflected cross-site scripting XSS vulnerability in Languauge Override in Liferay Portal 7.4.3.8 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, and 7.4 update 4 through update 92 allows remote attackers to inject arbitrary web script or HTML via the...

6.1CVSS5.8AI score0.00221EPSS
Exploits0References3Affected Software1
osv
osv
added 2025/10/31 6:31 p.m.6 views

GHSA-2J97-4JMQ-C4XF Liferay Portal Vulnerable to Reflected XSS via the selectedLanguageId Parameter

Reflected cross-site scripting XSS vulnerability in Languauge Override in Liferay Portal 7.4.3.8 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, and 7.4 update 4 through update 92 allows remote attackers to inject arbitrary web script or HTML via the...

6.1CVSS5.8AI score0.00221EPSS
Exploits0References3
nvd
nvd
added 2025/10/31 6:15 p.m.10 views

CVE-2025-62264

Reflected cross-site scripting XSS vulnerability in Languauge Override in Liferay Portal 7.4.3.8 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, and 7.4 update 4 through update 92 allows remote attackers to inject arbitrary web script or HTML via the...

6.1CVSS0.00221EPSS
Exploits0References1
osv
osv
added 2025/10/31 6:15 p.m.5 views

CVE-2025-62264

Reflected cross-site scripting XSS vulnerability in Languauge Override in Liferay Portal 7.4.3.8 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, and 7.4 update 4 through update 92 allows remote attackers to inject arbitrary web script or HTML via the...

6.1CVSS5.5AI score0.00221EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/10/31 5:32 p.m.3 views

CVE-2025-62264

Reflected cross-site scripting XSS vulnerability in Languauge Override in Liferay Portal 7.4.3.8 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, and 7.4 update 4 through update 92 allows remote attackers to inject arbitrary web script or HTML via the...

5.1CVSS5.4AI score0.00221EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/10/31 12:0 a.m.7 views

PT-2025-44660

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.3.8 through 7.4.3.111 Liferay DXP versions 2023.Q3.1 through 2023.Q3.10 Liferay DXP versions 2023.Q4.0 through 2023.Q4.10 Description A reflected cross-site scripting XSS issue exists in the Language Override...

6.1CVSS5.6AI score0.00221EPSS
Exploits0References13
Rows per page
Query Builder