Liferay Portal@7.4.3.30 Security Vulnerabilities and Issues — Liferay Portal@7.4.3.30 CVE List

Lucene search

LiferayLiferay Portal7.4.3.30

2 matches found

CVE•added 2023/05/24 2:15 p.m.•53 views

CVE-2023-33940

Cross-site scripting (XSS) vulnerability in IFrame type Remote Apps in Liferay Portal 7.4.0 through 7.4.3.30, and Liferay DXP 7.4 before update 31 allows remote attackers to inject arbitrary web script or HTML via the Remote App's IFrame URL.

5.4CVSS5.4AI score0.00083EPSS

CVE•added 2022/10/18 9:15 p.m.•45 views

CVE-2022-42113

A Cross-site scripting (XSS) vulnerability in Document Library module in Liferay Portal 7.4.3.30 through 7.4.3.36, and Liferay DXP 7.4 update 30 through update 36 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter.

6.1CVSS6AI score0.0018EPSS