CVE-2022-42113

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-42113
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-42113.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-42113
Published
2022-10-18T21:15:16Z
Modified
2024-07-05T21:26:42Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

A Cross-site scripting (XSS) vulnerability in Document Library module in Liferay Portal 7.4.3.30 through 7.4.3.36, and Liferay DXP 7.4 update 30 through update 36 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter.

References

Affected packages

Git / github.com/liferay/liferay-portal

Affected ranges

Type
GIT
Repo
https://github.com/liferay/liferay-portal
Events