Количество 2
Количество 2
CVE-2025-43733
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7 allows a remote authenticated attacker to inject JavaScript code via the content page's name field. This malicious payload is then reflected and executed within the user's browser when viewing the "document View Usages" page.
GHSA-vhcr-hgc8-29qr
Liferay Portal Vulnerable to Cross-Site Scripting
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-43733 A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7 allows a remote authenticated attacker to inject JavaScript code via the content page's name field. This malicious payload is then reflected and executed within the user's browser when viewing the "document View Usages" page. | CVSS3: 5.4 | 0% Низкий | 6 месяцев назад |
| GHSA-vhcr-hgc8-29qr Liferay Portal Vulnerable to Cross-Site Scripting | 0% Низкий | 6 месяцев назад |
Уязвимостей на страницу