6 matches found
CVE-2025-62267
CVE-2025-62267 describes multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.4.3.35–7.4.3.111 and Liferay DXP 2023.Q3/Q4 releases, triggered through the web content template’s select structure page. The root cause is improper handling of user input in the First Name, Middle Na...
CVE-2020-7159
A customtemplateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...
HPE Intelligent Management Center (IMC) customTemplateSelect Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A customTemplateSelect expression language injection remote code execution vulnerability exists in HPE...
HPE Intelligent Management Center (IMC) quickTemplateSelect Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A quickTemplateSelect expression language injection remote code execution vulnerability exists in HPE...
The vulnerability of the customTemplateSelect.xhtml component in the HPE Intelligent Management Center PLAT software platform allows a perpetrator to execute arbitrary code.
The vulnerability of the customTemplateSelect.xhtml component in the HPE Intelligent Management Center PLAT software platform is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using the beanName parameter...
The vulnerability of the templateSelect.xhtml component in the HPE Intelligent Management Center PLAT software platform allows a perpetrator to execute arbitrary code.
The vulnerability of the templateSelect.xhtml component in the HPE Intelligent Management Center PLAT software platform is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code with the parameter beanName...