CVE-2025-62237 | Liferay Portal/DXP Commerce View Order Page Name cross site scripting

Inserito da Angelo Barbosa | Ott 10, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in Liferay Portal and DXP. This affects an unknown part of the component Commerce View Order Page. The manipulation of the argument Name leads to cross site scripting.

This vulnerability is listed as CVE-2025-62237. The attack may be initiated remotely. There is no available exploit.

CVE-2025-62237 | Liferay Portal/DXP Commerce View Order Page Name cross site scripting

Post correlati

CVE-2025-5337 | MetaSlider Slider, Gallery, and Carousel Plugin up to 3.98.0 on WordPress aria-label cross site scripting

CVE-2024-0523 | CmsEasy up to 7.7.7 language_admin.php getslide_child_action sid sql injection

CVE-2025-4303 | PHPGurukul Human Metapneumovirus Testing Management System 1.0 /add-phlebotomist.php empid sql injection

CVE-2024-3988 | shaonsina Sina Extension for Elementor Plugin up to 3.5.2 on WordPress Fancy Text Widget cross site scripting