Количество 2
Количество 2
CVE-2024-26269
Cross-site scripting (XSS) vulnerability in the Frontend JS module's portlet.js in Liferay Portal 7.2.0 through 7.4.3.37, and Liferay DXP 7.4 before update 38, 7.3 before update 11, 7.2 before fix pack 20, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML via the anchor (hash) part of a URL.
GHSA-rwhv-hvj2-qrqm
Liferay Portal Frontend JS module's portlet.js and Liferay DXP vulnerable to Cross-site Scripting
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-26269 Cross-site scripting (XSS) vulnerability in the Frontend JS module's portlet.js in Liferay Portal 7.2.0 through 7.4.3.37, and Liferay DXP 7.4 before update 38, 7.3 before update 11, 7.2 before fix pack 20, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML via the anchor (hash) part of a URL. | CVSS3: 9.6 | 0% Низкий | почти 2 года назад |
| GHSA-rwhv-hvj2-qrqm Liferay Portal Frontend JS module's portlet.js and Liferay DXP vulnerable to Cross-site Scripting | CVSS3: 9.6 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу