Liferay Portal and DXP affected by multiple cross-site scripting (XSS) vulnerabilities in web content template’s select structure page

Multiple cross-site scripting XSS vulnerabilities in web content template’s select structure page in Liferay Portal 7.4.3.35 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 35 through update 92 allow remote attackers to inject arbitrary we...

CVE-2025-62267

Multiple cross-site scripting XSS vulnerabilities in web content template’s select structure page in Liferay Portal 7.4.3.35 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 35 through update 92 allow remote attackers to inject arbitrary we...

Liferay Portal和Liferay DXP 跨站脚本漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

EUVD-2016-3636

Malware in sbrugna...

CVE-2022-50446 ARC: mm: fix leakage of memory allocated for PTE

In the Linux kernel, the following vulnerability has been resolved: ARC: mm: fix leakage of memory allocated for PTE Since commit d9820ff "ARC: mm: switch pgtablet back to struct page " a memory leakage problem occurs. Memory allocated for page table entries not released during process terminatio...

Malicious code in structure-page-kitchen (npm)

The package structure-page-kitchen was found to contain malicious code...

MAL-2025-34101 Malicious code in structure-page-kitchen (npm)

The package structure-page-kitchen was found to contain malicious code...

CVE-2023-23208

Genesys Administrator Extension GAX before 9.0.105.15 is vulnerable to Cross Site Scripting XSS via the Business Structure page of the iWD plugin, aka GAX-11261...

CVE-2025-21939 drm/xe/hmm: Don't dereference struct page pointers without notifier lock

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hmm: Don't dereference struct page pointers without notifier lock The pnfs that we obtain from hmmrangefault point to pages that we don't have a reference on, and the guarantee that they are still in the cpu page-tables is...

Cups Easy 跨站脚本漏洞

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the description parameter on the /cupseasylive/taxstructurecreate.php page. An attacker...

CVE-2023-23208

Genesys Administrator Extension GAX before 9.0.105.15 is vulnerable to Cross Site Scripting XSS via the Business Structure page of the iWD plugin, aka GAX-11261...

CVE-2023-23208

Genesys Administrator Extension GAX before 9.0.105.15 is vulnerable to Cross Site Scripting XSS via the Business Structure page of the iWD plugin, aka GAX-11261...

PT-2023-18876 · Genesys · Genesys Administrator Extension

Name of the Vulnerable Software and Affected Versions: Genesys Administrator Extension GAX versions prior to 9.0.105.15 Description: The issue is related to Cross Site Scripting XSS via the Business Structure page of the iWD plugin. This allows for potential malicious script execution. No...

CVE-2016-5704

Cross-site scripting XSS vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment...

UBUNTU-CVE-2016-5704

Cross-site scripting XSS vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment...

CVE-2016-5704

Cross-site scripting XSS vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment...

phpMyAdmin Table Structure Page Cross Site Scripting Vulnerability

phpmyadmin is an online management tool for MySQL databases. A cross-site scripting vulnerability exists in the table structure page of phpmyadmin version 4.6.x, which can be exploited by an attacker to execute arbitrary scripts across sites...

phpMyAdmin Multiple XSS Vulnerabilities (PMASA-2016-12) - Windows

phpMyAdmin is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

DEBIAN-CVE-2016-2561

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via 1 normalization.php or 2 js/normalization.js in the database normalization page, 3...

UBUNTU-CVE-2016-2561

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via 1 normalization.php or 2 js/normalization.js in the database normalization page, 3...