CVE-2024-25147 | Liferay Portal/DXP Javascript Style Link cross site scripting

Posted by Angelo Barbosa | Feb 21, 2024 | CVE

A vulnerability classified as problematic has been found in Liferay Portal and DXP. This affects an unknown part of the component Javascript Style Link Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-25147. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-25147 | Liferay Portal/DXP Javascript Style Link cross site scripting

Related Posts

CVE-2023-51521 | ExpressTech Quiz and Survey Master Plugin up to 8.1.18 on WordPress cross-site request forgery

CVE-2024-33643 | Kailey Lampert Advanced Most Recent Posts Mod Plugin up to 1.6.5.2 on WordPress cross site scripting

CVE-2024-9710 | PostHog database_schema server-side request forgery (ZDI-24-1383)

CVE-2024-29891 | Zitadel up to 2.48.2 Avatar Image unrestricted upload