Description
Liferay Portal v7.3.2 and below and Liferay DXP v7.0 and below were discovered to contain a cross-site scripting (XSS) vulnerability via the script console under the Server module.
Remediation
References
Related Vulnerabilities
MySQL NULL Pointer Dereference Vulnerability (CVE-2020-1967)
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.4)
Lodash Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-4800)
MySQL CVE-2013-3808 Vulnerability (CVE-2013-3808)
Apache HTTP Server Improper Access Control Vulnerability (CVE-2016-4979)