NotCVE - vendor:"Liferay" product:"Liferay Portal" version:"

Page 14 of 81 results (0.005 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2017-17868

https://notcve.org/view.php?id=CVE-2017-17868

In Liferay Portal 6.1.0, the tags section has XSS via a Public Render Parameter (p_r_p) value, as demonstrated by p_r_p_564233524_tag. En Liferay Portal 6.1.0, la selección de etiquetas contiene CSS mediante un valor Public Render Parameter (p_r_p), tal y como lo demuestra p_r_p_564233524_tag. • https://cxsecurity.com/issue/WLB-2017120169 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-12645

https://notcve.org/view.php?id=CVE-2017-12645

XSS exists in Liferay Portal before 7.0 CE GA4 via an invalid portletId. Existe una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Liferay Portal en versiones anteriores a la 7.0 CE GA4 mediante un portletId no válido. • https://dev.liferay.com/web/community-security-team/known-vulnerabilities/liferay-portal-70/-/asset_publisher/cjE0ourZXJZE/content/cst-7017-multiple-xss-vulnerabilities https://issues.liferay.com/browse/LPS-72307 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-12646

https://notcve.org/view.php?id=CVE-2017-12646

XSS exists in Liferay Portal before 7.0 CE GA4 via a login name, password, or e-mail address. Existe una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Liferay Portal en versiones anteriores a la 7.0 CE GA4 mediante un nombre de inicio de sesión, contraseña o dirección de email. • https://dev.liferay.com/web/community-security-team/known-vulnerabilities/liferay-portal-70/-/asset_publisher/cjE0ourZXJZE/content/cst-7017-multiple-xss-vulnerabilities https://github.com/brianchandotcom/liferay-portal/pull/49833 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-12647

https://notcve.org/view.php?id=CVE-2017-12647

XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base article title. Existe una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Liferay Portal en versiones anteriores a la 7.0 CE GA4 mediante un título de artículo de Knowledge Base. • https://dev.liferay.com/web/community-security-team/known-vulnerabilities/liferay-portal-70/-/asset_publisher/cjE0ourZXJZE/content/cst-7017-multiple-xss-vulnerabilities https://github.com/brianchandotcom/liferay-portal/pull/48901 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-12648

https://notcve.org/view.php?id=CVE-2017-12648

XSS exists in Liferay Portal before 7.0 CE GA4 via a bookmark URL. Existe una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Liferay Portal en versiones anteriores a la 7.0 CE GA4 mediante una marcador URL. • https://dev.liferay.com/web/community-security-team/known-vulnerabilities/liferay-portal-70/-/asset_publisher/cjE0ourZXJZE/content/cst-7017-multiple-xss-vulnerabilities https://github.com/brianchandotcom/liferay-portal/pull/47888 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1...12 13 14 15 16