Description

Liferay Portal v7.4.1 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the keywords parameter under the Frontend Taglib module.

Remediation

References

CVE-2021-38264

Related Vulnerabilities

WordPress Plugin UpdraftPlus WordPress Backup Multiple Vulnerabilities (1.16.58)

WordPress Plugin WP eCommerce 'cs1' Parameter SQL Injection (3.8.6)

Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2068)

WordPress Other Vulnerability (CVE-2007-4154)

WordPress Plugin Member Approval Cross-Site Request Forgery (131109)

Severity

Medium

Classification

CVE-2021-38264 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities