Description
Liferay Portal through v7.3.6 and Liferay DXP through v7.3 were discovered to contain a cross-site scripting (XSS) vulnerability via the Edit Blog Entry function under the Blog module.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2007-1484)
Joomla Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-4104)
WordPress Plugin Add Link to Facebook Cross-Site Scripting (2.3)
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-30156)
IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2023-38371)