3 matches found
EUVD-2025-28007
Malicious code in bioql PyPI...
CVE-2025-43733
A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7 allows a remote authenticated attacker to inject JavaScript code via the content page's name field. This malicious payload is then reflected and executed within the user...
PT-2025-33648 · Liferay · Liferay Portal 7.4.3.132 +2
Name of the Vulnerable Software and Affected Versions: Liferay Portal version 7.4.3.132 Liferay DXP versions 2025.Q1.0 through 2025.Q1.7 Description: A reflected cross-site scripting XSS vulnerability allows a remote authenticated attacker to inject JavaScript code via the content page’s name...