Количество 2
Количество 2
CVE-2025-43765
A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.13 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the text field from a web content.
GHSA-h8gx-4hhm-w45v
Liferay Portal stored cross-site scripting in text field of the web content structure
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-43765 A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.13 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the text field from a web content. | CVSS3: 6.1 | 0% Низкий | 6 месяцев назад |
| GHSA-h8gx-4hhm-w45v Liferay Portal stored cross-site scripting in text field of the web content structure | 0% Низкий | 6 месяцев назад |
Уязвимостей на страницу