Количество 2
Количество 2
CVE-2021-33339
Cross-site scripting (XSS) vulnerability in the Fragment module in Liferay Portal 7.2.1 through 7.3.4, and Liferay DXP 7.2 before fix pack 9 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_site_admin_web_portlet_SiteAdminPortlet_name parameter.
GHSA-7pxh-q6jw-6xj8
Liferay Portal Fragment Module and Liferay DXP Vulnerable to Cross-Site Scripting
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-33339 Cross-site scripting (XSS) vulnerability in the Fragment module in Liferay Portal 7.2.1 through 7.3.4, and Liferay DXP 7.2 before fix pack 9 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_site_admin_web_portlet_SiteAdminPortlet_name parameter. | CVSS3: 4.8 | 0% Низкий | больше 4 лет назад |
| GHSA-7pxh-q6jw-6xj8 Liferay Portal Fragment Module and Liferay DXP Vulnerable to Cross-Site Scripting | CVSS3: 4.8 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу