CVE-2021-35463
published 2021-08-04CVE-2021-35463: Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.4.0 allows remote attackers to inject arbitrary web script or HTML…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.4.0 allows remote attackers to inject arbitrary web script or HTML into the management toolbar search via the `keywords` parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |