cbcvebase.
CVE-2009-3742
published 2010-01-07

CVE-2009-3742: Cross-site scripting (XSS) vulnerability in Liferay Portal before 5.3.0 allows remote attackers to inject arbitrary web script or HTML via the p_p_id parameter.

medium4.3CVSS 3.1
AVNACMAuNCNIPAN
Cross-site scripting (XSS) vulnerability in Liferay Portal before 5.3.0 allows remote attackers to inject arbitrary web script or HTML via the p_p_id parameter.

Affected

1 ranges
VendorProductVersion rangeFixed in
liferayliferay_portal<= 5.2.3