Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-42110: [LPE-17403] LSV-959: Stored XSS with announcement/alert type

A Cross-site scripting (XSS) vulnerability in the Announcements module in Liferay Portal 7.1.0 through 7.4.2, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML.

CVE
Open in Source
#xss#vulnerability#web

Cross-site scripting (XSS) vulnerability in the Announcements module’s Announcement and Alerts management page in Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_announcements_web_portlet_AnnouncementsAdminPortlet_type parameter.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE