Description
Liferay Portal through 7.2.0 GA1 allows XSS via a journal article title to journal_article/page.jsp in journal/journal-taglib.
Remediation
References
https://github.com/liferay/liferay-portal/commit/7e063aed70f947a92bb43a4471e0c4e650fe8f7f
Related Vulnerabilities
CVE-2018-19837 Vulnerability in maven package org.webjars.npm:node-sass
CVE-2021-21252 Vulnerability in maven package org.webjars:jquery-validation
CVE-2023-37462 Vulnerability in maven package org.xwiki.platform:xwiki-platform-skin-ui
CVE-2018-25049 Vulnerability in npm package email-existence
CVE-2022-24794 Vulnerability in npm package express-openid-connect