CVE-2024-25610 – com.liferay.portal:com.liferay.portal.web

Package

Manager: maven
Name: com.liferay.portal:com.liferay.portal.web
Vulnerable Version: >=0 <5.0.96

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00139 pctl0.34576

Details

Liferay Portal has a Stored XSS with Blog entries (Insecure defaults) In Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions, the default configuration does not sanitize blog entries of JavaScript, which allows remote authenticated users to inject arbitrary web script or HTML (XSS) via a crafted payload injected into a blog entry’s content text field.

Metadata

Created: 2024-02-20T15:31:03Z
Modified: 2024-12-11T22:02:18Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-vvpf-53qx-cxhh/GHSA-vvpf-53qx-cxhh.json
CWE IDs: ["CWE-1188"]
Alternative ID: GHSA-vvpf-53qx-cxhh
Finding: F164
Auto approve: 1