Total vulnerabilities in the database
A Cross-site scripting (XSS) vulnerability in the Document and Media module - file upload functionality in Liferay Digital Experience Platform 7.3.10 SP3 allows remote attackers to inject arbitrary JS script or HTML into the description field of uploaded svg file.
| Software | From | Fixed in |
|---|---|---|
| liferay / dxp | 7.3 | 7.3.x |
| liferay / dxp | 7.4-update_1 | 7.4-update_1.x |
| liferay / dxp | 7.4-update_2 | 7.4-update_2.x |
| liferay / dxp | 7.4-update_3 | 7.4-update_3.x |
| liferay / dxp | 7.4-update_4 | 7.4-update_4.x |
| liferay / dxp | 7.4-update_5 | 7.4-update_5.x |
| liferay / dxp | 7.4-update_6 | 7.4-update_6.x |
| liferay / dxp | 7.4-update_7 | 7.4-update_7.x |
| liferay / dxp | 7.4-update_9 | 7.4-update_9.x |
| liferay / dxp | 7.4-update_8 | 7.4-update_8.x |
| liferay / dxp | 7.4-update_10 | 7.4-update_10.x |
| liferay / dxp | 7.4-update_11 | 7.4-update_11.x |
| liferay / dxp | 7.4-update_12 | 7.4-update_12.x |
| liferay / dxp | 7.4-update_14 | 7.4-update_14.x |
| liferay / dxp | 7.4-update_13 | 7.4-update_13.x |
| liferay / dxp | 7.4-update_15 | 7.4-update_15.x |
| liferay / dxp | 7.4-update_16 | 7.4-update_16.x |
| liferay / dxp | 7.4-update_18 | 7.4-update_18.x |
| liferay / dxp | 7.4-update_17 | 7.4-update_17.x |
| liferay / dxp | 7.4-update_19 | 7.4-update_19.x |
| liferay / dxp | 7.4-update_20 | 7.4-update_20.x |
| liferay / dxp | 7.4-update_21 | 7.4-update_21.x |
| liferay / dxp | 7.4-update_22 | 7.4-update_22.x |
| liferay / dxp | 7.4-update_23 | 7.4-update_23.x |
| liferay / dxp | 7.4-update_24 | 7.4-update_24.x |
| liferay / dxp | 7.4-update_25 | 7.4-update_25.x |
| liferay / dxp | 7.4-update_26 | 7.4-update_26.x |
| liferay / dxp | 7.4-update_27 | 7.4-update_27.x |
| liferay / dxp | 7.4-update_28 | 7.4-update_28.x |
| liferay / dxp | 7.3-update_1 | 7.3-update_1.x |
| liferay / dxp | 7.3-update_2 | 7.3-update_2.x |
| liferay / dxp | 7.3-update_3 | 7.3-update_3.x |
| liferay / dxp | 7.3-update_4 | 7.3-update_4.x |
| liferay / dxp | 7.3-update_5 | 7.3-update_5.x |
| liferay / liferay_portal | 7.3.5 | 7.4.3.28.x |
| liferay / dxp | 7.0 | 7.3 |