Количество 2
Количество 2
CVE-2022-26593
Cross-site scripting (XSS) vulnerability in the Asset module's asset categories selector in Liferay Portal 7.3.3 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the name of a asset category.
GHSA-q2rp-xfj8-r95h
Liferay Portal and Liferay DXP allows arbitrary injection via the name of an asset category
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-26593 Cross-site scripting (XSS) vulnerability in the Asset module's asset categories selector in Liferay Portal 7.3.3 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the name of a asset category. | CVSS3: 5.4 | 0% Низкий | почти 4 года назад |
| GHSA-q2rp-xfj8-r95h Liferay Portal and Liferay DXP allows arbitrary injection via the name of an asset category | CVSS3: 5.4 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу