Description

Liferay Portal v7.4.1 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the keywords parameter under the Frontend Taglib module.

Remediation

References

CVE-2021-38264

Related Vulnerabilities

Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2022-26148)

phpMyAdmin Other Vulnerability (CVE-2007-4306)

phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-0307)

WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (5.6.1)

WordPress Plugin Premmerce Variation Swatches for WooCommerce Security Bypass (1.0)

Severity

Medium

Classification

CVE-2021-38264 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities