Description
Reflected cross-site scripting (XSS) vulnerability on the Export for Translation page in Liferay Portal 7.4.3.4 through 7.4.3.85, and Liferay DXP 7.4 before update 86 allows remote attackers to inject arbitrary web script or HTML via the `_com_liferay_translation_web_internal_portlet_TranslationPortlet_redirect` parameter.
Remediation
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2002-0656)
WordPress Plugin Product Slider for WooCommerce by PickPlugins Cross-Site Scripting (1.13.41)
Oracle Database Server CVE-2013-3790 Vulnerability (CVE-2013-3790)
MySQL CVE-2020-2814 Vulnerability (CVE-2020-2814)
Dot CMS Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-3165)