Количество 2
Количество 2
CVE-2025-43769
Stored cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.8, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows remote attackers to execute arbitrary web script or HTML via components tab.
GHSA-rvmf-jw8g-r35r
Liferay Portal vulnerable to Stored XSS in Components portlet
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-43769 Stored cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.8, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows remote attackers to execute arbitrary web script or HTML via components tab. | CVSS3: 6.1 | 0% Низкий | 6 месяцев назад |
| GHSA-rvmf-jw8g-r35r Liferay Portal vulnerable to Stored XSS in Components portlet | 0% Низкий | 6 месяцев назад |
Уязвимостей на страницу