Description
Stored cross-site scripting (XSS) vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3.78, and Liferay DXP 7.3 fix pack 1 through update 23, and 7.4 before update 79 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into page's "Name" text field.
Remediation
References
Related Vulnerabilities
WordPress Plugin LazyEater Multiple Unspecified Vulnerabilities (1.2.4)
WordPress Plugin Erident Custom Login and Dashboard Cross-Site Request Forgery (3.4.1)
WordPress Plugin Display Widgets Spam Links Injection (2.6.3.1)
PostgreSQL Missing Encryption of Sensitive Data Vulnerability (CVE-2017-7485)
WordPress Multiple Cross-Site Scripting Vulnerabilities (1.2 - 1.2.1)