Total vulnerabilities in the database
A cross-site scripting (XSS) vulnerability in Liferay Portal v7.3.3 through v7.4.2 and Liferay DXP v7.3 before service pack 3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name of a tag.
Software | From | Fixed in |
---|---|---|
liferay / dxp | 7.3 | 7.3.x |
liferay / dxp | 7.3-sp1 | 7.3-sp1.x |
liferay / dxp | 7.3-sp2 | 7.3-sp2.x |
liferay / dxp | 7.3-sp3 | 7.3-sp3.x |
liferay / liferay_portal | 7.3.3 | 7.4.3.4 |