Cve-2024-25610. Feb 20, 2024 at 5:21 am / national vulnerability database. A vulnerability has been found in liferay portal and dxp and classified as problematic.
I n liferay portal 7.2.0 through 7.4.3.12, and older unsupported versions, and liferay dxp 7.4 before update 9, 7.3 before update 4, 7.2 before fix pack 19, and. In liferay portal and liferay dxp, the default configuration does not sanitize blog entries of javascript, which allows remote authenticated users to inject.
It Is Recommended To Apply.
Feb 20, 2024 at 5:21 am / national vulnerability database.
Epss Scores Are Processed Every Day And A New Epss Score History Record Is Created When Score Changes With Respect To The Previous.
No cpes found for this cve
In Liferay Portal And Liferay Dxp, The Default Configuration Does Not Sanitize Blog Entries Of Javascript, Which Allows Remote Authenticated Users To Inject.
Images References :
Securing Open Source Software Dependencies In The Public Cloud.
Feb 20, 2024 at 5:21 am / national vulnerability database.
Restricted Unprivileged User Namespaces Are Coming To Ubuntu 23.10.
An improper neutralization of equivalent special elements vulnerability in the packet forwarding engine (pfe) of juniper networks junos os on ptx series.
In Liferay Portal 7.2.0 Through 7.4.3.12, And Older Unsupported Versions, And Liferay Dxp 7.4 Before Update 9, 7.3 Before Update.