Cross-site scripting (XSS) vulnerability in the Server module's script console in Liferay Portal 7.3.2 and previous versions, and Liferay DXP 7.0 before fix pack 101, 7.1 before fix pack 20 and 7.2 before fix pack 10 allows remote malicious users to inject arbitrary web script or HTML via the output of a script.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
liferay liferay portal |
||
liferay digital experience platform 7.2 |
||
liferay digital experience platform 7.1 |
||
liferay digital experience platform 7.0 |