Description
Liferay Portal through 7.2.0 GA1 allows XSS via a journal article title to journal_article/page.jsp in journal/journal-taglib.
Remediation
References
https://github.com/liferay/liferay-portal/commit/7e063aed70f947a92bb43a4471e0c4e650fe8f7f
Related Vulnerabilities
CVE-2023-31579 Vulnerability in maven package top.tangyh.basic:lamp-util
CVE-2019-16771 Vulnerability in maven package com.linecorp.armeria:armeria
CVE-2023-45282 Vulnerability in npm package openmct
CVE-2018-14720 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2020-26217 Vulnerability in maven package xstream:xstream