Certain Liferay products are vulnerable to Cross Site Scripting (XSS) via the Commerce module. This affects Liferay Portal 7.3.5 up to and including 7.4.2 and Liferay DXP 7.3 before update 8.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
liferay liferay portal |
||
liferay dxp 7.3 |