1 results (0.024 seconds)

CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0

Reflected cross-site scripting (XSS) vulnerability on a content page’s edit page in Liferay Portal 7.4.3.94 through 7.4.3.95 allows remote attackers to inject arbitrary web script or HTML via the `p_l_back_url_title` parameter. Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada en la página de edición de una página de contenido en Liferay Portal v7.4.3.94 hasta v7.4.3.95 permite a atacantes remotos inyectar script web o HTML arbitrario a través del parámetro `p_l_back_url_title`. • https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-47797 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •