Количество 2
Количество 2
CVE-2022-26594
Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.3.5 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allow remote attackers to inject arbitrary web script or HTML via a form field's help text to (1) Forms module's form builder, or (2) App Builder module's object form view's form builder.
GHSA-658f-xhv4-p978
Liferay Portal and Liferay DXP allows arbitrary injection via form field
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-26594 Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.3.5 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allow remote attackers to inject arbitrary web script or HTML via a form field's help text to (1) Forms module's form builder, or (2) App Builder module's object form view's form builder. | CVSS3: 6.1 | 0% Низкий | почти 4 года назад |
| GHSA-658f-xhv4-p978 Liferay Portal and Liferay DXP allows arbitrary injection via form field | CVSS3: 6.1 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу