CVE-2024-25147 | Liferay Portal/DXP Javascript Style Link cross site scripting

Posted by Angelo Barbosa | Feb 21, 2024 | CVE

A vulnerability classified as problematic has been found in Liferay Portal and DXP. This affects an unknown part of the component Javascript Style Link Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-25147. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-25147 | Liferay Portal/DXP Javascript Style Link cross site scripting

Related Posts

CVE-2024-34313 | VPL Jail System up to 4.0.2 Request path traversal

CVE-2024-7593 | Ivanti vTM up to 22.2R0/22.7R1 improper authentication

CVE-2024-10227 | affiliate-toolkit Plugin up to 3.6.5 on WordPress Shortcode atkp_product cross site scripting

CVE-2024-5296 | D-Link D-View 2.0.1.28 TokenUtils hard-coded key (ZDI-24-447)