Количество 2
Количество 2
CVE-2025-62255
Self Cross-site scripting (XSS) vulnerability on the edit Knowledge Base article page in Liferay Portal 7.4.0 through 7.4.3.101, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into an attachment's filename.
GHSA-gccf-r9xp-x8jx
Liferay Portal Self Cross-site scripting (XSS) vulnerability on the edit Knowledge Base article page
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-62255 Self Cross-site scripting (XSS) vulnerability on the edit Knowledge Base article page in Liferay Portal 7.4.0 through 7.4.3.101, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into an attachment's filename. | CVSS3: 6.1 | 0% Низкий | 4 месяца назад |
| GHSA-gccf-r9xp-x8jx Liferay Portal Self Cross-site scripting (XSS) vulnerability on the edit Knowledge Base article page | 0% Низкий | 4 месяца назад |
Уязвимостей на страницу