Lucene search
PRIOn knowledge basePRION:CVE-2021-29048HistoryMay 17, 2021 - 12:15 p.m.
Cross site scripting
2021-05-1712:15:00
PRIOn knowledge base
www.prio-n.com
4
0.001 Low
EPSS
Percentile
47.1%
Cross-site scripting (XSS) vulnerability in the Layout module’s page administration page in Liferay Portal 7.3.4, 7.3.5 and Liferay DXP 7.2 before fix pack 11 and 7.3 before fix pack 1 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_name parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dxp | eq | 7.2 fixpack2 | |
| dxp | eq | 7.2 fixpack3 | |
| dxp | eq | 7.2 fixpack4 | |
| dxp | eq | 7.2 fixpack5 | |
| dxp | eq | 7.2 fixpack1 | |
| dxp | eq | 7.2 | |
| dxp | eq | 7.2 fixpack6 | |
| dxp | eq | 7.2 fixpack7 | |
| dxp | eq | 7.2 fixpack8 | |
| dxp | eq | 7.2 fixpack9 |
Related
cve
cve
CVE-2021-29048
2021-05-17 12:15:07
nvd
nvd
CVE-2021-29048
2021-05-17 12:15:07
cvelist
cvelist
CVE-2021-29048
2021-05-17 11:08:23
nessus
nessus
Liferay Portal 7.3.4 < 7.3.6 XSS
2021-07-13 00:00:00
osv
osv
CVE-2021-29048
2021-05-17 12:15:07