Description
Liferay Portal v7.3.6 and below and Liferay DXP v7.3 and below were discovered to contain a cross-site scripting (XSS) vulnerability via the _com_liferay_asset_list_web_portlet_AssetListPortlet_title parameter.
Remediation
References
Related Vulnerabilities
MySQL CVE-2021-2058 Vulnerability (CVE-2021-2058)
WordPress Plugin WP Content Filter Unspecified Vulnerability (2.42)
PHP Numeric Errors Vulnerability (CVE-2007-3996)
WordPress Plugin LittleBot ACH for Stripe + Plaid Unspecified Vulnerability (1.2.6)
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (3.2.4)